m606aee.lucky-gambler.net Open in urlscan Pro
104.21.53.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m2b76ba.krvnbethub.com/
Effective URL:
https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
Submission: On June 14 via api (June 14th 2024, 10:32:38 am UTC) from US — Scanned from NL

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 19 domains to perform 35 HTTP transactions. The main IP is 104.21.53.112, located in and belongs to CLOUDFLARENET, US. The main domain is m606aee.lucky-gambler.net.
TLS certificate: Issued by E1 on April 26th 2024. Valid for: 3 months.

This is the only time m606aee.lucky-gambler.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.0.165 104.21.0.165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.212.58 172.67.212.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.163.124 172.67.163.124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.16.230 104.21.16.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.10.87 104.21.10.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.62.138 104.21.62.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.49.125 104.21.49.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.18.61 104.21.18.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.69.64 104.21.69.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.27.221 104.21.27.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.53.112 104.21.53.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	14

8 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m2b76ba.krvnbethub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcd1859.slotsvictory.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m5fc3ff.wowlucky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m864e43.enjoyslot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdnred.ext-files.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m665a68.gamblingluck.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m4c25bd.gamble-risk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m04056c.slotforjoy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnl-kb.ext-files.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.0.165 (None, )

ASN13335 (CLOUDFLARENET, US)

m867e23.slots-formoney.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.212.58 (United States)

ASN13335 (CLOUDFLARENET, US)

m606aee.lucky-gambler.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.163.124 (United States)

ASN13335 (CLOUDFLARENET, US)

m56c01d.money-slots.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.16.230 (None, )

ASN13335 (CLOUDFLARENET, US)

m29712f.luckywinning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.10.87 (None, )

ASN13335 (CLOUDFLARENET, US)

m3f788a.marvelousplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.62.138 (None, )

ASN13335 (CLOUDFLARENET, US)

m852a19.perfectmoneyland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.49.125 (None, )

ASN13335 (CLOUDFLARENET, US)

m1283b0.slotforjoy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.18.61 (None, )

ASN13335 (CLOUDFLARENET, US)

mc1800a.successfulslot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.69.64 (None, )

ASN13335 (CLOUDFLARENET, US)

m0f71aa.successfulslot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.27.221 (None, )

ASN13335 (CLOUDFLARENET, US)

m33b73c.wowcasino.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.53.112 (None, )

ASN13335 (CLOUDFLARENET, US)

m606aee.lucky-gambler.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ext-files.net cdnred.ext-files.net cdnl-kb.ext-files.net	201 KB
5	krvnbethub.com 1 redirects m2b76ba.krvnbethub.com	5 KB
3	lucky-gambler.net m606aee.lucky-gambler.net	5 KB
1	enjoyslot.net m864e43.enjoyslot.net	704 B
1	wowlucky.net m5fc3ff.wowlucky.net	718 B
1	wowcasino.net m33b73c.wowcasino.net	713 B
1	successfulslot.net m0f71aa.successfulslot.net	722 B
1	successfulslot.com mc1800a.successfulslot.com	719 B
1	slotforjoy.net m04056c.slotforjoy.net	709 B
1	slotforjoy.com m1283b0.slotforjoy.com	709 B
1	perfectmoneyland.com m852a19.perfectmoneyland.com	710 B
1	marvelousplay.com m3f788a.marvelousplay.com	708 B
1	gamble-risk.net m4c25bd.gamble-risk.net	713 B
1	gamblingluck.net m665a68.gamblingluck.net	709 B
1	slotsvictory.net mcd1859.slotsvictory.net	714 B
1	luckywinning.net m29712f.luckywinning.net	762 B
1	money-slots.net m56c01d.money-slots.net	712 B
1	slots-formoney.net m867e23.slots-formoney.net	718 B
0	aloginpro.com Failed aloginpro.com Failed
35	19

	Domain	Requested by
6	cdnl-kb.ext-files.net	m606aee.lucky-gambler.net cdnl-kb.ext-files.net
5	cdnred.ext-files.net	m2b76ba.krvnbethub.com cdnred.ext-files.net
5	m2b76ba.krvnbethub.com	1 redirects m2b76ba.krvnbethub.com
3	m606aee.lucky-gambler.net	cdnred.ext-files.net m606aee.lucky-gambler.net
1	m864e43.enjoyslot.net
1	m5fc3ff.wowlucky.net
1	m33b73c.wowcasino.net
1	m0f71aa.successfulslot.net
1	mc1800a.successfulslot.com
1	m04056c.slotforjoy.net
1	m1283b0.slotforjoy.com
1	m852a19.perfectmoneyland.com
1	m3f788a.marvelousplay.com
1	m4c25bd.gamble-risk.net
1	m665a68.gamblingluck.net
1	mcd1859.slotsvictory.net
1	m29712f.luckywinning.net
1	m56c01d.money-slots.net
1	m867e23.slots-formoney.net
0	aloginpro.com Failed	m2b76ba.krvnbethub.com
35	20

This site contains no links.

Subject Issuer	Validity	Valid
krvnbethub.com GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh
ext-files.net E1	`2024-04-22` - `2024-07-21`	3 months	crt.sh
slots-formoney.net E1	`2024-05-06` - `2024-08-04`	3 months	crt.sh
lucky-gambler.net E1	`2024-04-26` - `2024-07-25`	3 months	crt.sh
money-slots.net E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh
luckywinning.net E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
slotsvictory.net E1	`2024-04-29` - `2024-07-28`	3 months	crt.sh
gamblingluck.net E1	`2024-04-17` - `2024-07-16`	3 months	crt.sh
gamble-risk.net E1	`2024-04-22` - `2024-07-21`	3 months	crt.sh
marvelousplay.com E1	`2024-05-06` - `2024-08-04`	3 months	crt.sh
perfectmoneyland.com E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
slotforjoy.com GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh
slotforjoy.net GTS CA 1P5	`2024-04-22` - `2024-07-21`	3 months	crt.sh
successfulslot.com E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
successfulslot.net GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
wowcasino.net GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
wowlucky.net GTS CA 1P5	`2024-04-19` - `2024-07-18`	3 months	crt.sh
enjoyslot.net GTS CA 1P5	`2024-04-27` - `2024-07-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
Frame ID: 644A61FA63F454BEAF65C4FBB55CB5DF
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Karavan.bet

Page URL History Show full URLs

https://m2b76ba.krvnbethub.com/ Page URL
https://m2b76ba.krvnbethub.com/redirect?t=0.889&reason=success_ping&ri=1&ro=m&to=Lz9scD1rYl93bzJfY2xhc3M= HTTP 302
https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537 Page URL

Page Statistics

35
Requests

94 %
HTTPS

0 %
IPv6

19
Domains

20
Subdomains

14
IPs

3
Countries

221 kB
Transfer

274 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m2b76ba.krvnbethub.com/ Page URL
https://m2b76ba.krvnbethub.com/redirect?t=0.889&reason=success_ping&ri=1&ro=m&to=Lz9scD1rYl93bzJfY2xhc3M= HTTP 302
https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
m2b76ba.krvnbethub.com/ 3 KB
2 KB 144ms
99ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m2b76ba.krvnbethub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.26

Resource Hash

0f27930499339f47f0af06970e495d72b1289b588fe7b14782f6814698302a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8939a83a692866b0-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Jun 2024 10:32:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXKWv%2Fkx17l%2BdHWMbo4hshiqanqZHIM5%2BT2FdOECbzL1EOwGvxY%2FLI7P8%2B4i1k1rskZPjRC%2B85r7FrZTQG%2BTPLoxpSQC3OsEp0K%2FPnwWB22EWQUluqwlA2UqBxAyeAC1FNvposEWAtQy"}],"group":"cf-nel","max_age":604800}
served-by: redirector-back-2b
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-application: redirector
x-content-type-options: nosniff nosniff
x-powered-by: PHP/8.1.26
x-robots-tag: noarchive, notranslate noarchive, notranslate
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 style.css
cdnred.ext-files.net/land-kb/css/ 1 KB
1 KB 113ms
63ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnred.ext-files.net/land-kb/css/style.css?v=1

Requested by

Host: m2b76ba.krvnbethub.com
URL: https://m2b76ba.krvnbethub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1381ae11fdefea396597deea51b595ff3b850a906b1cadc3ad44ad02778a6117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1052
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
served-by: redirector-back-1a
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 May 2024 06:03:27 GMT
server: cloudflare
etag: W/"500-618134b4d58c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iv2BGxcybsDxcZKm5jEyBvvBTi3XN8NLynn2zUr32BsT8LgMpZx26vtz9OT3NrLDCsMn8Sv5Y6FoLQR7asueS11KUX7BfOJB1YJdgAEalzbef2J%2Bc29%2F1xUcWxzijLuGMhfy%2BAaHOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83b7ef7669a-AMS

GET preloader.css
cdnred.ext-files.net/land-kb/css/ 0
0

GET redirector.js
aloginpro.com/kb/land-kb/ 0
0

GET
H3 200 log
m2b76ba.krvnbethub.com/ 121 B
744 B 93ms
82ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m2b76ba.krvnbethub.com/log?msg=pageLoaded

Requested by

Host: m2b76ba.krvnbethub.com
URL: https://m2b76ba.krvnbethub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block, 1; mode=block
x-application: redirector
served-by: redirector-back-1a
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gFGLSAoHfRKiSwHXWTq4tC2lP%2B%2BHMkLkQQybZcmcBqnqddo2OSQpp2Vh%2BT7YT7YUc00wJlmJUQ0o9ygQsI4Dr1ahuka9etpmq8NcnrnRBBAwEz90DR1mmqz0s132kadk2kASNSvtcSI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-robots-tag: noarchive, notranslate, noarchive, notranslate
cf-ray: 8939a83b3a0966b0-AMS

GET
H3 200 redirmin.js Show response
cdnred.ext-files.net/common/js/ 6 KB
2 KB 114ms
65ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnred.ext-files.net/common/js/redirmin.js?v=1718361153

Requested by

Host: m2b76ba.krvnbethub.com
URL: https://m2b76ba.krvnbethub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2f281260db98c66467e86b9cc69efda54d4bbbf5aeeeebcfcd34f7b47292dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
served-by: redirector-back-2b
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jan 2024 15:00:43 GMT
server: cloudflare
etag: W/"160e-60e341cba2d66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfse8J9e7QrPPwmTxxso4XcEnQSQOn0W%2BJyJ20olnjeZPo8KhvwyUU3HWeueqNiJur2qnwpgYqbSVBr47yQZJ8kqvhwt9eSZA7y8TqsKIeWLw8vG%2BlAsKJCXOwMYd4oaS%2BXsFv%2ByCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83b7ef4669a-AMS

GET
H3 200 sentry-7.28.0.min.js Show response
cdnred.ext-files.net/common/js/ 56 KB
20 KB 32ms
32ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnred.ext-files.net/common/js/sentry-7.28.0.min.js

Requested by

Host: m2b76ba.krvnbethub.com
URL: https://m2b76ba.krvnbethub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db93764b33c5a75e900acd38c1cbc3ca81c5677568f5c11ee8a4b44a1bd382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
served-by: redirector-back-1a
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Mar 2024 06:54:27 GMT
server: cloudflare
etag: W/"de16-612e4502b33e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ueJUX2Wucxxcv8PITIFKvmOiA8EkWwzZPR%2F2VrRZj%2BWBAwSDfy07SXZc56Wea76kw2IdAnHdXhh4H0Y6jE%2FTfDw0QNWJGFRir01kjKjLgyUKsbDE802ir9bi%2FPcHElKzjkai0W2Vsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83bcf70669a-AMS

GET
H3 200 logo.svg
cdnred.ext-files.net/land-kb/img/ 281 B
819 B 29ms
27ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnred.ext-files.net/land-kb/img/logo.svg

Requested by

Host: cdnred.ext-files.net
URL: https://cdnred.ext-files.net/land-kb/css/style.css?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

337cdba5dcd72c6b62b1097f04dc213c13b4b22b2471083abb200c0c090ed0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnred.ext-files.net/land-kb/css/style.css?v=1
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1186
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
served-by: redirector-back-1a
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 May 2024 13:50:47 GMT
server: cloudflare
etag: W/"119-61819d2a2027d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wE3Sea8L8JtrM4hnXj%2BbZzc6Wb3S4AI4CmoIJgnNVt6TC%2FgQ4K1AAjXucYeAn60LjhX1y%2FkO9wIq8jlrwL8uXKO3cuya3%2BCxiSR4vnvi9%2BuHEDNK7ZHcjs9GyJzRH2ZjtKDNqPdD%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83c1fdc669a-AMS

GET
H3 200 icon.png
cdnred.ext-files.net/common/img/ 6 KB
6 KB 45ms
44ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnred.ext-files.net/common/img/icon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28f93160641ad52ce2547c4df0b29ec4af0346e250a87b7dbc0ba3d8cdff0cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6923
alt-svc: h3=":443"; ma=86400
content-length: 5816
x-xss-protection: 1; mode=block
served-by: redirector-back-2b
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2015 17:25:14 GMT
server: cloudflare
etag: "16b8-5241ee0483280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tPnAzuNmXsN9PxqS2iMGvjzQnMArU9BYbWTO0jUWt1gOq10QcEdaBgiIyLwsdIXwf8yBO1PsZcrmdXlxCvK%2BHu6Uv%2BxL9nItmpOUMqYYMbdY8%2BHE%2BzP7oJq0CBDwJ18dC5EySKLWOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83c682a669a-AMS

GET
H3 200 log
m2b76ba.krvnbethub.com/ 121 B
773 B 85ms
83ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m2b76ba.krvnbethub.com/log?msg=checkerInitialized

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.26

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.1.26
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block, 1; mode=block
x-application: redirector
served-by: redirector-back-2b
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8p3XWGMDinCjrwueDIhPGYdOXb0Er1qaHPZ5HkoUTrD5%2BSkH0hQUyO5DPTAyw3YzJDdfNAnZHPmb5KbmIQX8knA6GO%2Bz4ZEfXnra3%2F%2BIYUhSG7gU6tl3VYh%2Bs7ULFrjyyVtnBxDA%2BpC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-robots-tag: noarchive, notranslate, noarchive, notranslate
cf-ray: 8939a83cec0e66b0-AMS

GET
H3 200 ping.png
m867e23.slots-formoney.net/ 121 B
718 B 96ms
51ms Image
image/png 104.21.0.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m867e23.slots-formoney.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.165 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:38:58 GMT
server: cloudflare
etag: "5a844a02-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YiMXyMyJT%2Fq2hK%2F0gNWRMAzrzJyBzY1c3ZYyn6bTZDjMB8fKFp2Q9xUyQlBz5g5pNL%2FGi7sk3lQqS2ok8mOwtuPOmbBcmxTJsHTy8SXoJQj4hpyaFX38HgfqU65p2Dr1KImMByjcxiH%2BxGbVDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f1c771c1a-AMS

GET
H3 200 ping.png
m606aee.lucky-gambler.net/ 121 B
707 B 85ms
45ms Image
image/png 172.67.212.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m606aee.lucky-gambler.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.212.58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:39:13 GMT
server: cloudflare
etag: "5a844a11-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8YAtt59vfLukFWLH83zrlRqWw4QaGtSDXznhPUloCLe2xnNBC2fgn7pMG1m8DKCgUfh4IbjmyGgGeqcslXY0zJEK7%2FMI6LS0HyJu3oGIXXu5Eb7YCFvcS40QAw6CXcdT9RacNqeEKVbER%2Fy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f0ef70a4f-AMS

GET
H3 200 ping.png
m56c01d.money-slots.net/ 121 B
712 B 88ms
46ms Image
image/png 172.67.163.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m56c01d.money-slots.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:39:29 GMT
server: cloudflare
etag: "5a844a21-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HenUmUyAjAKbdXGF86SwEwKC6Nw0Z3JT0Ea48t3nNEJQbyEb5uUmmoyQQDe4%2FXY%2BdVdZDugdaX4u4FbnarHJP37fcRJpfdLJT8OcBEjqN6Ipp%2BFJia3uzs8XB6IHnME7WO455qTuL0JkQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f0d4866d8-AMS

GET
H2 200 ping.png
m29712f.luckywinning.net/ 121 B
762 B 107ms
42ms Image
image/png 104.21.16.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m29712f.luckywinning.net/ping.png?t=1718361154359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.16.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:39:22 GMT
server: cloudflare
etag: "5a844a1a-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=izPmhkSwk%2F5yGTJoGWD3EJ%2BtHjMgSFBJ7L5bBizetixPYemzh45KvyIcrm9kuKG1y61AFVYogw%2BHP2K1OGfLid3xjPsuaWzzToqWD8soGg%2BRPfKAVpO9vTu%2BaXX%2B9p1G97OvQIWyuNn7S0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f3d497794-AMS

GET
H3 200 ping.png
mcd1859.slotsvictory.net/ 121 B
714 B 99ms
45ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mcd1859.slotsvictory.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:39:28 GMT
server: cloudflare
etag: "5a844a20-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2qdWZKDbvQx4qf2kodYMiGiyJSp6vDXAyaSWw%2BRf4UQP%2FNHA4muKU0lDfM5bcPekd1SnP6fkN6vTdVkSSHYb6GZjDgMr3vlQnfQA%2BCrtefM1R92i%2FTHQFtvkpEChvlLvIkRyH%2B2lvUBJaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f2988b7ca-AMS

GET
H3 200 ping.png
m665a68.gamblingluck.net/ 121 B
709 B 91ms
52ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m665a68.gamblingluck.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:39:13 GMT
server: cloudflare
etag: "5a844a11-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPH2fLbcxc4tiuFIirNn72HtWdyPiR33iehghbbLBJA%2FDCj5H5KzMSKT4mhF467cQpgjhPlzawA0Q%2FP2ATy%2F1FPKdGNE2iPH6LYw7VJIFRvsvjC8QnWpm6190lRS0Xzuz9EKFhC29LbhH3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f0eb80b05-AMS

GET
H3 200 ping.png
m4c25bd.gamble-risk.net/ 121 B
713 B 85ms
45ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m4c25bd.gamble-risk.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:39:13 GMT
server: cloudflare
etag: "5a844a11-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIbBv%2FHL4Ab7X4sQ3WXWW7dM%2BlVv9oqgKe9beZ10yq1S8M35I76IuWIobJs6v6gexV6wSzizt1URvTwy%2BxrKtVW50GJMC2tVXWt30b95Ijru6awP%2Fzgl1lIdoDikUQx%2FqtYlQeecUdG3jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f0d8c9711-AMS

GET
H3 200 ping.png
m3f788a.marvelousplay.com/ 121 B
708 B 96ms
49ms Image
image/png 104.21.10.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m3f788a.marvelousplay.com/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.10.87 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Feb 2018 14:39:16 GMT
server: cloudflare
etag: "5a844a14-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOre3nCWnZmQXTPX9g7qu2VdQpvFnGboqs4rk7r0JZQT9%2F9LojM%2B5fRplYm5JsTqh0g2tD6wXkctkbd90WLtuh3bs4ZTV1OQjAlx392gPZr1JfmOct39HMHIPwQP6IgozbGl%2FNHvHvTtZmPy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f1f2c96e5-AMS

GET
H3 200 ping.png
m852a19.perfectmoneyland.com/ 121 B
710 B 95ms
53ms Image
image/png 104.21.62.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m852a19.perfectmoneyland.com/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.62.138 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLDQ8YyWhS2JRlq4%2F7VEmdVli3X5pYJTArG3HUAP0ajIMHtYT%2Fxaneq3plsoXWhH9o3Q6bHjxKFpZQM6s28zdyPJ2CIELQ36JRyI0eL8VGp6wJXUWZVtJegbnVtiKa3bntrJxuzpbuEcPprOKntZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f18966574-AMS

GET
H3 200 ping.png
m1283b0.slotforjoy.com/ 121 B
709 B 87ms
48ms Image
image/png 104.21.49.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m1283b0.slotforjoy.com/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.49.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXQjQvYHMCEZv93A1C3fh9ivZjAGDlsvghPsXfXTRYQ06C0Vu9pFY2styilA%2BS%2F9mSdMFZyxAOZfH%2FP2cjkYWJNhi0tOV522J%2B4t%2BTYi6IZLnJr11Il0BXvRUXqG3tkFjVJ5oiCJAr7k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83f091d9f90-AMS

GET
H3 200 ping.png
m04056c.slotforjoy.net/ 121 B
709 B 101ms
60ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m04056c.slotforjoy.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBabae3keIVs3LzZ70CHGJkLCN%2Bkr30cMQWQv09mAt7Pxi1ESduAsARbRfvf%2BUcWgf5zG8vMYYRIXn90wKKJ%2FrDAGoOW0P8l%2BQPiMyDASugt%2FzFnfRbR%2FuJtyavmvIGiEdSIhOmPUN1b"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83fa9256703-AMS

GET
H3 200 ping.png
mc1800a.successfulslot.com/ 121 B
719 B 106ms
65ms Image
image/png 104.21.18.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc1800a.successfulslot.com/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.18.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TxbGw0QH%2BXyi1d1uDgP55Oxzbr%2FsgjHaQnOz2OlLa8sA3OJrt0NwqkwF9WCuICdnUJciYi%2BvLeqDH%2BZBNcgnN5G79Xgh7zQyY%2FWjSe11UaN5lCkQPb%2BqtFGOsvmResla05LANBKJmWtBlnREuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83fabe9b76a-AMS

GET
H3 200 ping.png
m0f71aa.successfulslot.net/ 121 B
722 B 118ms
65ms Image
image/png 104.21.69.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m0f71aa.successfulslot.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.69.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCsAmB%2BAg8bwUIGZPqodG1awZilqoska6aO4BfKrJTge9PjQFx4E7D4MSXUBtl%2F0hJ5EJgUhz3rFcr%2Bz8mbYHHh8%2FKNlqdHhJt0jPZ4p7DPVDhp%2BP07qyx5vO%2BXICdLPYTFSHKxw2AMSwsIU%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83fbfdf0bea-AMS

GET
H3 200 ping.png
m33b73c.wowcasino.net/ 121 B
713 B 115ms
74ms Image
image/png 104.21.27.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m33b73c.wowcasino.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.27.221 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RfPZNVs%2FpGs9VCpYKYmOUoAXeJIigYzO87kfUwDB1cBQFY%2B%2BIfwEvIcJ5MWzAEy4tE1nsYUuPOoVsHFiKPoXG82WIXt1sP92ZnyusBv69Brk%2BYN%2FYdzZZrDH%2FvtNplraOHYh%2F1a7v8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83fad43b8a2-AMS

GET
H3 200 ping.png
m5fc3ff.wowlucky.net/ 121 B
718 B 112ms
71ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m5fc3ff.wowlucky.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2Bc39jzec2mzjEwGrL%2FQ6ZZLnASCBcgbZjkTS%2BgZoUjPBQE74N0Sbr%2BnQjhufjlUCvQgxEw7mlXkAE9qo4Y3%2Bf96S78ycC84w%2Ftk%2F2y0TAeMGGd%2BEkA%2B2KGNMnNWJkwalMGMJh6pNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83fad7ab7d0-AMS

GET
H3 200 ping.png
m864e43.enjoyslot.net/ 121 B
704 B 110ms
68ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m864e43.enjoyslot.net/ping.png?t=1718361154359

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2016 16:47:40 GMT
server: cloudflare
etag: "568e96ac-79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsBHzv%2BvB1AJ9LsuFZgmAbzrzsXhFrZ6M2YNUjc1PooU35xH24N84fhBSL5a6iUJuLYuBSz2HDH6OhMxdlJjBbd381b6W8YgPo8pnliZc4jy8tYf%2FVl2ljwPrd1NsY4SisT1mDkzCW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a83fbdd966d0-AMS

GET
H3

403

Primary Request / Show response
m606aee.lucky-gambler.net/
Redirect Chain

https://m2b76ba.krvnbethub.com/redirect?t=0.889&reason=success_ping&ri=1&ro=m&to=Lz9scD1rYl93bzJfY2xhc3M=
https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537

17 KB
3 KB

151ms
126ms

Document
text/html

104.21.53.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537

Requested by

Host: cdnred.ext-files.net
URL: https://cdnred.ext-files.net/common/js/redirmin.js?v=1718361153

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.53.112 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ac96430f81640a6da9e81c3d2a937662c93eda607ce2e0c6fd4222e5c5d24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://m2b76ba.krvnbethub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8939a8433a5866f1-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 14 Jun 2024 10:32:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhnOVZ00EAf4AvEUygWxSgMxNW7lAkzwyX5EK%2B4li6cqH9bwzzoIig5KgjzCu8IVHuPvbApOJVjBeOQYb%2BAeelHD8dHmjKyB5zv6f1e50QDDyll4txdr0e3XwlkpglSf6%2F0CsPKaTma%2BhjzL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8939a84279b966b0-AMS
content-type: text/html; charset=UTF-8
date: Fri, 14 Jun 2024 10:32:35 GMT
location: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROoEmanXcusCqVWwmMCl6Tw72r71kFMmIJZYH9FlKiyAGRB5uNxDFc8sX6SRS9mi2QoWFs%2F5VFBzl5jiaEsYRVW%2BYJWCJJkpcysD%2FVgN41u2%2BFLawX3XzNFB65kEBHzaA07m0oLmnfYe"}],"group":"cf-nel","max_age":604800}
served-by: redirector-back-1a
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
x-application: redirector
x-content-type-options: nosniff nosniff
x-robots-tag: noarchive, notranslate noarchive, notranslate
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 send-stats
m2b76ba.krvnbethub.com/ 121 B
771 B 76ms
75ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m2b76ba.krvnbethub.com/send-stats?domains[aHR0cHM6Ly9tODY3ZTIzLnNsb3RzLWZvcm1vbmV5Lm5ldA%3D%3D]=1&domains[aHR0cHM6Ly9tNjA2YWVlLmx1Y2t5LWdhbWJsZXIubmV0]=1&domains[aHR0cHM6Ly9tNTZjMDFkLm1vbmV5LXNsb3RzLm5ldA%3D%3D]=1&domains[aHR0cHM6Ly9tMjk3MTJmLmx1Y2t5d2lubmluZy5uZXQ%3D]=1&domains[aHR0cHM6Ly9tY2QxODU5LnNsb3RzdmljdG9yeS5uZXQ%3D]=1&domains[aHR0cHM6Ly9tNjY1YTY4LmdhbWJsaW5nbHVjay5uZXQ%3D]=1&domains[aHR0cHM6Ly9tNGMyNWJkLmdhbWJsZS1yaXNrLm5ldA%3D%3D]=1&domains[aHR0cHM6Ly9tM2Y3ODhhLm1hcnZlbG91c3BsYXkuY29t]=1&domains[aHR0cHM6Ly9tODUyYTE5LnBlcmZlY3Rtb25leWxhbmQuY29t]=1&domains[aHR0cHM6Ly9tMTI4M2IwLnNsb3Rmb3Jqb3kuY29t]=1&domains[aHR0cHM6Ly9tMDQwNTZjLnNsb3Rmb3Jqb3kubmV0]=1&domains[aHR0cHM6Ly9tYzE4MDBhLnN1Y2Nlc3NmdWxzbG90LmNvbQ%3D%3D]=1&domains[aHR0cHM6Ly9tMGY3MWFhLnN1Y2Nlc3NmdWxzbG90Lm5ldA%3D%3D]=1&domains[aHR0cHM6Ly9tMzNiNzNjLndvd2Nhc2luby5uZXQ%3D]=1&domains[aHR0cHM6Ly9tNWZjM2ZmLndvd2x1Y2t5Lm5ldA%3D%3D]=1&domains[aHR0cHM6Ly9tODY0ZTQzLmVuam95c2xvdC5uZXQ%3D]=1&ri=1ro=m

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.26

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m2b76ba.krvnbethub.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.1.26
alt-svc: h3=":443"; ma=86400
content-length: 121
x-xss-protection: 1; mode=block, 1; mode=block
x-application: redirector
served-by: redirector-back-2b
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rlYR2%2B7Rn%2Bb8othNifICq37t22IzJ8l44KxnozOPKeBHjPcKfku4tp1oy7HT45w0XYOQLv%2BPx%2BuAM7Y%2FZjq1wKZqTwqIXBlGYmp9mXScffMVTDhSgp%2FttdXYtnlOhhny9VZkSo9cGZR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-robots-tag: noarchive, notranslate, noarchive, notranslate
cf-ray: 8939a84279b066b0-AMS

GET
H2 200 web.kb_access_denied.css
cdnl-kb.ext-files.net/landings/dist/ 3 KB
2 KB 83ms
25ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl-kb.ext-files.net/landings/dist/web.kb_access_denied.css?v={{cdn_version}}

Requested by

Host: m606aee.lucky-gambler.net
URL: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c390bc52f596e649e98dd85571ad373c2de11aa041a800ae96eccd82f7cd5f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2024 07:15:38 GMT
server: cloudflare
etag: W/"666bee1a-bd4"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5eikVfARWch%2FW9%2FsmkvT%2F4%2BUrL1OIoEyaI8SAYA9h6scj%2FLR4O%2B2qwaaO6QKx2%2F%2BFA8LrChYkyOBUKvWtw6ckKaucl%2BFezbGt8L8kpm8xAzYBkwmW0GLcwCr4u6xWeAY6ruMWw%2BR98%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noarchive, notranslate
cf-ray: 8939a8446e419fb2-AMS

GET
H2 200 403.png
cdnl-kb.ext-files.net/landings/web/kb_access_denied/img/ 59 KB
60 KB 84ms
26ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl-kb.ext-files.net/landings/web/kb_access_denied/img/403.png

Requested by

Host: m606aee.lucky-gambler.net
URL: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bfd6d1824322d8213dac47225b3fb647a5e9a1ac5c7b35455bd9e8c8023ddfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238
alt-svc: h3=":443"; ma=86400
content-length: 60768
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jun 2024 10:45:03 GMT
server: cloudflare
etag: "66697c2f-ed60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYTJCRHMqo%2BWi1gh8Clk2odhrW9XxY5sOM1GjQ6TPLJn1Dv0E%2BTjALd5jmRG6oIDdGRxkEUruPNt1XHgVCBntKHx7nWuCdwoI%2BIRme78rlXr79IkhQUOOztTWTtEkRhnj6eM6FyM2%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a8446e449fb2-AMS

GET
H3 200 email-decode.min.js Show response
m606aee.lucky-gambler.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
30ms Script
application/javascript 104.21.53.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m606aee.lucky-gambler.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: m606aee.lucky-gambler.net
URL: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.53.112 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jun 2024 17:32:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66688a1d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2Bfhvdm%2Ba%2FD1c%2BwmJbw%2Fkjn1HEGnxmSYqXcLpYkstneJCKZz2%2FHJA9nud07s98WfbaCkFrQFdHhHVekglDJlgTC7VAm8TOEWRhefP2CtzDIaqj872uu%2BhVBCMFLEHuSwuGs06GNg94SXRM4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8939a8440b7366f1-AMS
expires: Sun, 16 Jun 2024 10:32:35 GMT

GET
H2 200 web.bb_access_denied.js Show response
cdnl-kb.ext-files.net/landings/dist/ 559 B
655 B 79ms
32ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl-kb.ext-files.net/landings/dist/web.bb_access_denied.js

Requested by

Host: m606aee.lucky-gambler.net
URL: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c20a966543ab7dffcacc06e38db8fb1f2af5bbc9048f49004ef645aa833726db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jun 2024 07:15:38 GMT
server: cloudflare
etag: W/"666bee1a-22f"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vyoR%2FtWfT5VWc7fNoZAN9SfSaDRB9t0eP16HyIdrQueqQHQM3ugcM8nRZ5V9O85PCMmZ0dNZQzlb02MCs7HxoLYhbuqxWwI64xUnDWoRMA%2FDn5VUbmTbR8GcRgJEJtKP84ZkHeRkC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noarchive, notranslate
cf-ray: 8939a8446e459fb2-AMS

GET
H2 200 content_bg.png
cdnl-kb.ext-files.net/landings/web/kb_access_denied/img/ 46 KB
46 KB 27ms
25ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl-kb.ext-files.net/landings/web/kb_access_denied/img/content_bg.png

Requested by

Host: cdnl-kb.ext-files.net
URL: https://cdnl-kb.ext-files.net/landings/dist/web.kb_access_denied.css?v={{cdn_version}}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c373e4bae7e4df33f094f3e0ce431a9b6ebdc2bfbb41c55f6ff1fdfebf13e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnl-kb.ext-files.net/landings/dist/web.kb_access_denied.css?v={{cdn_version}}
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 237
alt-svc: h3=":443"; ma=86400
content-length: 46795
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jun 2024 10:45:03 GMT
server: cloudflare
etag: "66697c2f-b6cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQ8PO2g8mBg%2FpLQgKBaAbg20H%2BWe017LlSOeMU8NwoqA06oa2xhogAkmv3DwrrZhNSVEs229KI44MsBiTVjhNEo4FBTntzpPXzElmFvQyKlKwPDeRlp%2Blfvxd%2BTJnARx1Idiifl11mg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a8449e779fb2-AMS

GET
H3 200 opensans-regular.woff2
cdnl-kb.ext-files.net/landings/common/_default/fonts/OpenSans/Regular/ 59 KB
59 KB 50ms
27ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl-kb.ext-files.net/landings/common/_default/fonts/OpenSans/Regular/opensans-regular.woff2

Requested by

Host: m606aee.lucky-gambler.net
URL: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38df043aef07a5b6e8290e78a01a74aac8306e5fc10a2a61fba6c30ca1da68df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m606aee.lucky-gambler.net/
Origin: https://m606aee.lucky-gambler.net
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6715
alt-svc: h3=":443"; ma=86400
content-length: 60080
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 11:09:12 GMT
server: cloudflare
etag: "64d4c558-eab0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzlWQFq04KWiaUFauObAhugOgYWFQi%2FPAyrDtADbNIIXoqRY%2F0jdOhxFZ9eKwAswozJIAxcaQrKAGDk21Py5w1Cssa7EpNy9hVe2iLggjuTYe6a7mZiUy4xEp%2FLHNyEGnQ6AEJg1iuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noarchive, notranslate
cf-ray: 8939a844b93d66fa-AMS

GET
H3 200 favicon.ico
cdnl-kb.ext-files.net/landings/common/_default/img/kb/favicon/ 15 KB
4 KB 30ms
30ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl-kb.ext-files.net/landings/common/_default/img/kb/favicon/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6517c32ce646207070b8b2c80bf362cb6f1e299e191f559b2b42cab45bd038e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 10:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5097
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Jun 2024 14:27:29 GMT
server: cloudflare
etag: W/"666075d1-3aee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43htgGgWquRnHHvDOyz4JNckKMCGfLNVwM5XvFfb9hDZxNEIqKtl9zJ1eMlfD5CoDeptQFA5bNb2JybWpI%2FYoYbR%2FnIlJBIeb%2B5CBtUPRpPUzuJ27NeY5Jlne8vZ%2FNzyioLayE9Z8RA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noarchive, notranslate
cf-ray: 8939a8452e0666ec-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdnred.ext-files.net
URL: https://cdnred.ext-files.net/land-kb/css/preloader.css

Domain: aloginpro.com
URL: https://aloginpro.com/kb/land-kb/redirector.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m2b76ba.krvnbethub.com/	1970-01-20 21:20:47	Name: redirected-hash Value: 6666cd76f96956469e7be39d750cc7d9
			m2b76ba.krvnbethub.com/	1970-01-20 21:20:04	Name: redirected Value: %7B%226666cd76f96956469e7be39d750cc7d9%22%3A%22aHR0cHM6Ly9tNjA2YWVlLmx1Y2t5LWdhbWJsZXIubmV0Lz9scD1rYl93bzJfY2xhc3M%3D%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://m606aee.lucky-gambler.net/?lp=kb_wo2_class&serviceTrackId=d01175c2-e18f-44e9-9533-c60c99b4a537 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aloginpro.com
cdnl-kb.ext-files.net
cdnred.ext-files.net
m04056c.slotforjoy.net
m0f71aa.successfulslot.net
m1283b0.slotforjoy.com
m29712f.luckywinning.net
m2b76ba.krvnbethub.com
m33b73c.wowcasino.net
m3f788a.marvelousplay.com
m4c25bd.gamble-risk.net
m56c01d.money-slots.net
m5fc3ff.wowlucky.net
m606aee.lucky-gambler.net
m665a68.gamblingluck.net
m852a19.perfectmoneyland.com
m864e43.enjoyslot.net
m867e23.slots-formoney.net
mc1800a.successfulslot.com
mcd1859.slotsvictory.net
aloginpro.com
cdnred.ext-files.net
104.21.0.165
104.21.10.87
104.21.16.230
104.21.18.61
104.21.27.221
104.21.49.125
104.21.53.112
104.21.62.138
104.21.69.64
172.67.163.124
172.67.212.58
188.114.96.3
188.114.97.3
0f27930499339f47f0af06970e495d72b1289b588fe7b14782f6814698302a31
1381ae11fdefea396597deea51b595ff3b850a906b1cadc3ad44ad02778a6117
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f93160641ad52ce2547c4df0b29ec4af0346e250a87b7dbc0ba3d8cdff0cbb
2bfd6d1824322d8213dac47225b3fb647a5e9a1ac5c7b35455bd9e8c8023ddfe
337cdba5dcd72c6b62b1097f04dc213c13b4b22b2471083abb200c0c090ed0ec
38df043aef07a5b6e8290e78a01a74aac8306e5fc10a2a61fba6c30ca1da68df
3c373e4bae7e4df33f094f3e0ce431a9b6ebdc2bfbb41c55f6ff1fdfebf13e1b
47ac96430f81640a6da9e81c3d2a937662c93eda607ce2e0c6fd4222e5c5d24e
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
bf2f281260db98c66467e86b9cc69efda54d4bbbf5aeeeebcfcd34f7b47292dd
c20a966543ab7dffcacc06e38db8fb1f2af5bbc9048f49004ef645aa833726db
c390bc52f596e649e98dd85571ad373c2de11aa041a800ae96eccd82f7cd5f76
e6517c32ce646207070b8b2c80bf362cb6f1e299e191f559b2b42cab45bd038e
f4db93764b33c5a75e900acd38c1cbc3ca81c5677568f5c11ee8a4b44a1bd382

m606aee.lucky-gambler.net Open in urlscan Pro 104.21.53.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

35 Requests

94 %HTTPS

0 %IPv6

19 Domains

20 Subdomains

14 IPs

3 Countries

221 kBTransfer

274 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m606aee.lucky-gambler.net Open in urlscan Pro
104.21.53.112 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

94 %
HTTPS

0 %
IPv6

19
Domains

20
Subdomains

14
IPs

3
Countries

221 kB
Transfer

274 kB
Size

2
Cookies

35 HTTP transactions
0 data transactions