www.play5.freecase24.com Open in urlscan Pro
52.5.109.247 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.play5.freecase24.com/
Submission: On December 08 via api (December 8th 2024, 11:12:30 am UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 59 HTTP transactions. The main IP is 52.5.109.247, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.play5.freecase24.com.
TLS certificate: Issued by E6 on December 6th 2024. Valid for: 3 months.

This is the only time www.play5.freecase24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	52.5.109.247 52.5.109.247	14618 (AMAZON-AES) (AMAZON-AES)
2	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:4780:11:... 2a02:4780:11:1748:0:20ad:843d:9	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
22	13.33.187.32 13.33.187.32	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	104.18.186.31 104.18.186.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
59	17

14 52.5.109.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-109-247.compute-1.amazonaws.com

www.play5.freecase24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freecase24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:11:1748:0:20ad:843d:9 (Mumbai, India)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

www.atmhtml5games.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 13.33.187.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-32.fra60.r.cloudfront.net

img.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ee44a078b670b5e88f06982c46df4599.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	gamedistribution.com img.gamedistribution.com — Cisco Umbrella Rank: 48779	3 MB
14	freecase24.com www.play5.freecase24.com freecase24.com	144 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	gstatic.com fonts.gstatic.com	23 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	209 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 ee44a078b670b5e88f06982c46df4599.safeframe.googlesyndication.com	438 B
2	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	66 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	82 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	133 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5669	72 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	907 B
1	atmhtml5games.com www.atmhtml5games.com	75 KB
59	13

	Domain	Requested by
22	img.gamedistribution.com	www.play5.freecase24.com
9	www.play5.freecase24.com	www.play5.freecase24.com
5	freecase24.com	www.play5.freecase24.com
3	fonts.gstatic.com	fonts.googleapis.com
3	securepubads.g.doubleclick.net	www.play5.freecase24.com securepubads.g.doubleclick.net
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	www.play5.freecase24.com cdnjs.cloudflare.com
2	cdn.jsdelivr.net	www.play5.freecase24.com cdn.jsdelivr.net
2	cdn.onesignal.com	www.play5.freecase24.com cdn.onesignal.com
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	ee44a078b670b5e88f06982c46df4599.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	code.jquery.com	www.play5.freecase24.com
1	fonts.googleapis.com	www.play5.freecase24.com
1	www.atmhtml5games.com	www.play5.freecase24.com
59	16

This site contains links to these domains. Also see Links.

Domain
play5.freecase24.com
www.instagram.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
play5.freecase24.com E6	`2024-12-06` - `2025-03-06`	3 months	crt.sh
*.onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
atmhtml5games.com R10	`2024-11-11` - `2025-02-09`	3 months	crt.sh
freecase24.com E6	`2024-12-04` - `2025-03-04`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
gamedistribution.com Amazon RSA 2048 M02	`2024-07-21` - `2025-08-19`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.play5.freecase24.com/
Frame ID: 6B290848ECB408B04D860973DCC87BF5
Requests: 57 HTTP requests in this frame

Frame: https://ee44a078b670b5e88f06982c46df4599.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52197D8D82D11EF095CEADBD33AB2945
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: CF25B62E64B0A19ECD2421A922F38BD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play5 Free Case 24 Online Game | Play Free Atm Html 5 Games online

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

59
Requests

98 %
HTTPS

44 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

3811 kB
Transfer

5512 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://play5.freecase24.com/

Search URL Search Domain Scan URL

URL: https://play5.freecase24.com/category.php
Title: Strategy 19 games

Search URL Search Domain Scan URL

URL: https://www.instagram.com/atm_games_05/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=61555114536404

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/atm-games-5840162a8/

Search URL Search Domain Scan URL

URL: https://twitter.com/atmgame52

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCD8WXRlkKi50NO_bpB_CtJg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.play5.freecase24.com/ 39 KB
4 KB 974ms
206ms Document
text/html 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: be61ed38c9deab43069447a9657439d97ac33403d0bc5653a7d2423767ffd991

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 08 Dec 2024 11:12:23 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 82ms
38ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 1623
expires: Wed, 11 Dec 2024 11:12:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 11:12:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 8eec51f70f595d90-FRA
server: cloudflare

GET
H2 200 one-signal-sdk.js Show response
www.atmhtml5games.com/ 445 KB
75 KB 909ms
278ms Script
application/x-javascript 2a02:4780:11:1748:0:20ad:843d:9
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atmhtml5games.com/one-signal-sdk.js

Requested by

Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:11:1748:0:20ad:843d:9 Mumbai, India, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e5f79d38819c9e88959c018c51df06e73f0d414e8e274464d45248f4954e134d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "6f526-66ed20b4-43c731edf227dd24;br"
expires: Sun, 15 Dec 2024 11:12:24 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 76792
date: Sun, 08 Dec 2024 11:12:24 GMT
content-type: application/x-javascript
last-modified: Fri, 20 Sep 2024 07:13:56 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 bootstrap.min.css
freecase24.com/content/themes/arcade-two/css/ 190 KB
24 KB 889ms
106ms Stylesheet
text/css 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://freecase24.com/content/themes/arcade-two/css/bootstrap.min.css
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
content-encoding: br
etag: "2f955-634333ba-109209;br"
expires: Sun, 15 Dec 2024 11:12:24 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 23974
date: Sun, 08 Dec 2024 11:12:24 GMT
last-modified: Sun, 09 Oct 2022 20:48:58 GMT
content-type: text/css
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 user.css
freecase24.com/content/themes/arcade-two/css/ 3 KB
984 B 895ms
112ms Stylesheet
text/css 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://freecase24.com/content/themes/arcade-two/css/user.css
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 9773a654edd298605dd4d76f52d54d002faf7cb75fea8751995f4bc72be80ab7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
content-encoding: br
etag: "c32-65a696d4-10920e;br"
expires: Sun, 15 Dec 2024 11:12:24 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 897
date: Sun, 08 Dec 2024 11:12:24 GMT
last-modified: Tue, 16 Jan 2024 14:46:44 GMT
content-type: text/css
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 style.css
freecase24.com/content/themes/arcade-two/css/ 22 KB
5 KB 882ms
101ms Stylesheet
text/css 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://freecase24.com/content/themes/arcade-two/css/style.css
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: a5e857dc5f5efa1ca90e2a2a7bdbaa266c9dcb20c7c059b4e0a726f239a1bec9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
content-encoding: br
etag: "5866-67501f1d-10920d;br"
expires: Sun, 15 Dec 2024 11:12:24 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4448
date: Sun, 08 Dec 2024 11:12:24 GMT
last-modified: Wed, 04 Dec 2024 09:21:33 GMT
content-type: text/css
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 custom.css
freecase24.com/content/themes/arcade-two/css/ 128 B
211 B 890ms
108ms Stylesheet
text/css 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://freecase24.com/content/themes/arcade-two/css/custom.css
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 80aa1939fa8cbb3dd8f0880ebe4f07039923e7355890fca13f2e362fa42e5ee4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
etag: "80-616ccff4-10920a;;;"
expires: Sun, 15 Dec 2024 11:12:24 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 128
date: Sun, 08 Dec 2024 11:12:24 GMT
last-modified: Mon, 18 Oct 2021 01:37:56 GMT
content-type: text/css
server: LiteSpeed

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/ 93 KB
13 KB 94ms
34ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css

Requested by

Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"17579-AwBvMnkuAzSX6cpoNztsM4YwWTM"
age: 1070167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajx4ueXoFEyaIWmgRNbzXOYV052CUBD3IMbG%2BkPEexvnZA3bGVcbgWZCkwwReMFDwpcGqW91PcFW3heCpQHMFc0TQMTedhDEfXnUH16%2FQC2wsAmHzQ7J0l%2BvlFAN%2FnZKcwZ3uUob02yaHHWBMp0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sun, 08 Dec 2024 11:12:24 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220052-FRA, cache-lga21967-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eec51f71e719214-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12937
server: cloudflare
x-jsd-version: 1.10.3

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 63ms
22ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 706211
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZtofAnvvOnSkKW2gzDEB3o1381gH15FsWZm0me81S23DCSMJpbHN%2Fdoz5A3EHH7BfDgMxgeuRncgaGiIpowx4rkW5gXTTBMqlsIztsaQdkvFcDH30r7Q8prqPW0sjWg79fl%2BWIk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 11:12:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 11:12:24 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eec51f70b3fdbe8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 custom_style.css
www.play5.freecase24.com/css/ 3 KB
1 KB 137ms
93ms Stylesheet
text/css 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.play5.freecase24.com/css/custom_style.css
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 6bb975671426f197e7b092c2bbeb5ca148d4a3a5a8c8e131c742d9a35c09e908

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
content-encoding: br
etag: "d0e-67528b05-1f8082;br"
expires: Sun, 15 Dec 2024 11:12:24 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 903
date: Sun, 08 Dec 2024 11:12:24 GMT
last-modified: Fri, 06 Dec 2024 05:26:29 GMT
content-type: text/css
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
907 B 128ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap

Requested by

Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b750990c79ec4dd21bf9ad8e8db216580460e00fda22a193de7a1ab8f4b98b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:12:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:12:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 08 Dec 2024 09:35:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 58ms
30ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e7c8215e79cc77a4303f5034b751ea10982b5f75ac00a9121ecff9fdb7b7cdaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: br
etag: 848 / 20065 / m202412030101 / config-hash: 17564011173285401629
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:12:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33463
x-xss-protection: 0
server: cafe

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 153ms
29ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 3638671
x-cache: HIT, HIT
date: Sun, 08 Dec 2024 11:12:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 154828, 422173
x-served-by: cache-lga21931-LGA, cache-mad22044-MAD
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1733656344.251082,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H2 200 site-logo.png
freecase24.com/images/ 26 KB
26 KB 981ms
202ms Image
image/png 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecase24.com/images/site-logo.png
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: b9b2009a9d069f7bf7b0a63a4864b259d60fa9c15590e2d1ce563a3287599a11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
etag: "664c-67500438-135d3;;;"
expires: Sun, 15 Dec 2024 11:12:24 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 26188
date: Sun, 08 Dec 2024 11:12:24 GMT
last-modified: Wed, 04 Dec 2024 07:26:48 GMT
content-type: image/png
server: LiteSpeed

GET
H2 200 category_icon_2.svg
www.play5.freecase24.com/images/ 14 KB
4 KB 100ms
99ms Image
image/svg+xml 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.play5.freecase24.com/images/category_icon_2.svg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: a2d7c39312ee92f81173e6dfb69141f9ed85912d3fa69267147275dbe4693649

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
content-encoding: br
etag: "39ff-67528b05-1f8089;br"
expires: Sun, 15 Dec 2024 11:12:25 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3905
date: Sun, 08 Dec 2024 11:12:25 GMT
last-modified: Fri, 06 Dec 2024 05:26:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 6b71d0ad777b433cac6bd50fc5014d62-512x512.jpeg
img.gamedistribution.com/ 117 KB
117 KB 116ms
18ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/6b71d0ad777b433cac6bd50fc5014d62-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30619a9e74ec70c66116a117ef4d2c92467e398020d37ae558688d62640d2845

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "7160e4e535e12e3e39ef9dbb4d8f50ff"
age: 44440
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1651849175000
x-cache: Hit from cloudfront
content-length: 119479
x-amz-cf-id: OhH08LArYfahIAycZ55wWhQfS8Igqqr2gMYOJCboEpIABitHF4Ay3g==
date: Sat, 07 Dec 2024 22:51:45 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:18:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 44ab0db37ce548959845289be3c6bdb4-512x512.jpeg
img.gamedistribution.com/ 358 KB
359 KB 26ms
9ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/44ab0db37ce548959845289be3c6bdb4-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52b6b056dc15cbbb63356cda9b6a4e41c18e94e15adf4d4c3aff16bf7e230859

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

vary: Origin
x-amz-version-id: ES.2ITo1gZws20Ypc4L9HFRTPifVFlss
etag: "dad8e5c1d65a1a903ca2e6f422b69f95"
age: 25226
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 366657
x-amz-cf-id: siw-CEdZ-8zzbAH_N7zh6GHD0SXEA_9KbXrcIBasw3l05GTe_O9h-g==
date: Sun, 08 Dec 2024 04:11:59 GMT
content-type: image/jpeg
last-modified: Mon, 10 Oct 2022 11:06:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 c5200fd4a1664aecaab7e6b466f00d1f-512x512.jpeg
img.gamedistribution.com/ 262 KB
263 KB 14ms
14ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/c5200fd4a1664aecaab7e6b466f00d1f-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64a267405cbf302a22d9ea0ae2bed8c93cdc3365994de65a76778771aa6d271d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "fc318ee53e999ac9617ae1b3d45a23a6"
age: 11739
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1633552000000
x-cache: Hit from cloudfront
content-length: 268588
x-amz-cf-id: UxpIYhQHzJx5n4qcvpgpjf1ZTl6BlOTfQ6fqJhmn2Yjk2Yya2qMRFg==
date: Sun, 08 Dec 2024 11:12:24 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:18:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 b0928cf25d134740a1dcebc7c4b7e573-512x512.jpeg
img.gamedistribution.com/ 26 KB
26 KB 11ms
10ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/b0928cf25d134740a1dcebc7c4b7e573-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07f971eb323049d1c8de076ecb36356d354aa8414682c18eaed29251ade853af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "1e88d0562af84d0d2df2b09f7f263060"
age: 42520
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1626733243000
x-cache: Hit from cloudfront
content-length: 26271
x-amz-cf-id: mCu-famlJ5O6Wc3VtckYe8Msf9z7HvpcUsye0sShbms8_ncd6gkEzw==
date: Sat, 07 Dec 2024 23:23:45 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:18:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 404 boys-style-up_2.webp
www.play5.freecase24.com/thumbs/ 1 KB
1 KB 100ms
99ms Image
text/html 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.play5.freecase24.com/thumbs/boys-style-up_2.webp
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 8a2c8eee94134088a7d6b613d1549845-512x512.jpeg
img.gamedistribution.com/ 240 KB
240 KB 15ms
14ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/8a2c8eee94134088a7d6b613d1549845-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb42aad1c0c20ea267290f261ee1bb0c9075cb6a2ba93e306940568bb8f04e91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

etag: "d2190b4cc7810306eb0148b4414563af"
x-amz-version-id: null
age: 61826
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1657758305000
x-cache: Hit from cloudfront
content-length: 245444
x-amz-cf-id: iUQLkRupMDQ-zkvhC-K-KTQ2sNxmgBqUKoWmgCusKPhjXgjf--cbUQ==
date: Sat, 07 Dec 2024 18:02:00 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:21:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: Origin

GET
H2 200 69423636e6714d3cae7bfbb2ade6eeb9-512x512.jpeg
img.gamedistribution.com/ 231 KB
232 KB 11ms
10ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/69423636e6714d3cae7bfbb2ade6eeb9-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4478dbd9b1a80cb29fc7d7ceba1d332493cafe88f82688814e31a561884ca701

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

etag: "87a2fce75056cef9f0c8296acf5b4463"
x-amz-version-id: null
age: 25744
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1646743670000
x-cache: Hit from cloudfront
content-length: 236977
x-amz-cf-id: kYgeuTIum0r9UVJtKsCznpJFQVBUyzjn2zht_1Vn4IgrUMYpWx2aQQ==
date: Sun, 08 Dec 2024 04:03:22 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:19:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: Origin

GET
H2 200 8e85b9eab2544b57b131fb30017410fc-512x512.jpeg
img.gamedistribution.com/ 72 KB
72 KB 13ms
12ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/8e85b9eab2544b57b131fb30017410fc-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 641f4f2ff7615a7cc795e07d03797c64efb8bfb9887a3546e7580c14bedf138b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "70920b74ba635b9b19602ad011aae5d0"
age: 30398
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1637474043000
x-cache: Hit from cloudfront
content-length: 73309
x-amz-cf-id: 5kEf-wCWrNVu3XJ6m5IENekQIH-kmdhyp_fpckO34NIQjE4Wr1aAOw==
date: Sun, 08 Dec 2024 02:45:48 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:21:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 f56c0b6144224553a6273f27eaa98652-512x512.jpeg
img.gamedistribution.com/ 34 KB
34 KB 20ms
15ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/f56c0b6144224553a6273f27eaa98652-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 728e5847d55dc4e276a47f82136567322c0347afb80fbc73d5077fd5b67545dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

etag: "0422f889fa6ad47a41959e5b97d12d61"
x-amz-version-id: null
age: 26797
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1644446588000
x-cache: Hit from cloudfront
content-length: 34893
x-amz-cf-id: V3rmMWaBaIyLC3cskIZf9uKy2eIoe9DzX1IvnhyAEj3tH-O0Qt9nmg==
date: Sun, 08 Dec 2024 03:45:49 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:18:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: Origin

GET
H2 404 ball-tower-of-hell_2.webp
www.play5.freecase24.com/thumbs/ 1 KB
1 KB 105ms
101ms Image
text/html 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.play5.freecase24.com/thumbs/ball-tower-of-hell_2.webp
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 9a2596feaafd4c6e8deef1da5b7a810a-512x512.jpeg
img.gamedistribution.com/ 42 KB
42 KB 33ms
29ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/9a2596feaafd4c6e8deef1da5b7a810a-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e686af8620ca6695f6ad0976126cd569f59a188212ba6b8ec77e59f8a0fb35b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

vary: Origin
x-amz-version-id: bxduAk7h3ypd6ys75t8BEX.JI18Bzoq0
etag: "3dec4705dd663355ec2192886d5ad107"
age: 24189
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 42713
x-amz-cf-id: qqaiUgEDw03PiJJVkrh9E1_ZHJZcsZ1mUwvOupWDHApv-g9g4g2BJA==
date: Sun, 08 Dec 2024 04:29:17 GMT
content-type: image/jpeg
last-modified: Sat, 08 Oct 2022 19:05:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 7fedf0d6296b469e9f52dd8f5e656ab7-512x512.jpeg
img.gamedistribution.com/ 121 KB
122 KB 17ms
13ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/7fedf0d6296b469e9f52dd8f5e656ab7-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f74ed96e0b2bc458ea4bb67abc2adde84807ebc2ebeedc9c984159919b6279c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "c907a52ab5bf430ab934c90a8f6b985b"
age: 30848
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1622993503000
x-cache: Hit from cloudfront
content-length: 124238
x-amz-cf-id: Byu2MsPK64nEmKmC_rD4Q902vsnFnRpzbWp__RxTsVBM2YA6wlLQwg==
date: Sun, 08 Dec 2024 02:38:18 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:18:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 7e4a4cbb41ac408286a05242f8033296-512x512.jpeg
img.gamedistribution.com/ 74 KB
74 KB 58ms
55ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/7e4a4cbb41ac408286a05242f8033296-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a2348b00fe9d09f3d2ff4f827f894a7ae926d24ac41b545b7d4b4b292a8ddda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "8d6238785bb453e42941a7314c6ddf7d"
age: 9545
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1640074198000
x-cache: Hit from cloudfront
content-length: 75410
x-amz-cf-id: fLoDvjZpW8RLZdJb9s1S4ezTxkMuPIqwQYdpWKfHjeqEkoybfo5ddw==
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:20:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 35823f27b20c4ce3ba36d321982ee8d4-512x512.jpeg
img.gamedistribution.com/ 204 KB
204 KB 38ms
35ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/35823f27b20c4ce3ba36d321982ee8d4-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4e8e394be768ebeb4712b8cf516925a4b042d85590aa2a87a60bf88169c87a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "9ee13a6dd73e2661cbf50c47bbacb9ae"
age: 3888
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1656702297000
x-cache: Hit from cloudfront
content-length: 208710
x-amz-cf-id: AjsJLMPxckcnjB7wf0du-higxrxvAqGyZztHETshDV8KyqPl1KVcdw==
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:20:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 25d7537b06534084b44aa672007645cc-512x512.jpg
img.gamedistribution.com/ 315 KB
315 KB 21ms
17ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/25d7537b06534084b44aa672007645cc-512x512.jpg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 648eae21db33e75721a3ec973331b7a0813f27ea3cb6a2d8ef99b29659b192bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

vary: accept-encoding, Origin
x-amz-version-id: az7BZQIYJspMpo_Fg8sHsnk7C_DZEGJ8
etag: "fd739ab3e94358366bd6368473b8cf92"
age: 8240
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 322156
x-amz-cf-id: whBe_-qkn_fkJ5WzbO2LN5NZMQCS6isB8zq_UIUQi5GjX6vBAruw6w==
date: Sun, 08 Dec 2024 08:55:06 GMT
content-type: image/jpeg
last-modified: Mon, 18 Mar 2024 08:21:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 7aa91c08f10c46f78580b6b88f3f93f4-512x512.jpeg
img.gamedistribution.com/ 55 KB
55 KB 35ms
31ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/7aa91c08f10c46f78580b6b88f3f93f4-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3bb7dde9e4990f3453e89cb2cdba6b02c351d02ae147e9e16df41990292ef71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "af922e7491d96b2c21bec00f7449fbf7"
age: 30848
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1638795001000
x-cache: Hit from cloudfront
content-length: 56256
x-amz-cf-id: l9NiWvKPHdzL_X8dmAH4CmC5BuFbglAhI8ikTlNYsOGEqLSW1RVg0w==
date: Sun, 08 Dec 2024 02:38:17 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:21:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 c58c16ff69d746d1af62e7eeee864c71-512x512.jpeg
img.gamedistribution.com/ 81 KB
81 KB 63ms
60ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/c58c16ff69d746d1af62e7eeee864c71-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 334673f012f4193cebc23050c4619937fff488edfe2349b69486784f19660025

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "f6a02a7a4f077ad933153043da1f30af"
age: 27067
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1618312133000
x-cache: Hit from cloudfront
content-length: 82960
x-amz-cf-id: IaUrcRoeajsp5W61QOsFrwKXBhY3Y1qloRaXiqEeJ_JJC1P_IWut_g==
date: Sun, 08 Dec 2024 03:41:19 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:19:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 404 ninja-crossword-challenge_2.webp
www.play5.freecase24.com/thumbs/ 1 KB
1 KB 105ms
102ms Image
text/html 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.play5.freecase24.com/thumbs/ninja-crossword-challenge_2.webp
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 41158d8161b349eebf0f88ee72c7e351-512x512.jpeg
img.gamedistribution.com/ 56 KB
57 KB 58ms
55ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/41158d8161b349eebf0f88ee72c7e351-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faf705621c5404559147e21afb4e0cd3811aa777afad49a686921428ed3299f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "a62096eb0ac003bca5bd1005dd06c2f7"
age: 78175
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1620929459000
x-cache: Hit from cloudfront
content-length: 57426
x-amz-cf-id: 8LE75qXFsbgyvOX6Qngd-meuuCSddYUg8ALd-YXLw0LI-zAaiztdKA==
date: Sat, 07 Dec 2024 13:29:31 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:20:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 ebaa0322602b47bfa18304a581a06bb9-512x512.jpeg
img.gamedistribution.com/ 72 KB
73 KB 55ms
53ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/ebaa0322602b47bfa18304a581a06bb9-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ae0ac7fa236fc5c16ba5986cd7e03ed30d96e17724fd9697ea931404a5e9e14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

etag: "ef64210d164e61b40a5a4472992f2c10"
x-amz-version-id: null
age: 29874
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1657927932000
x-cache: Hit from cloudfront
content-length: 73837
x-amz-cf-id: XLWoBCNWFgR_yQWAT-qJQ0iOsKBddT0wi9q1823KsR-JJ7uj1vSmMA==
date: Sun, 08 Dec 2024 02:54:31 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:20:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: Origin

GET
H2 200 32c7d860229a4aa0a74b1d822da576dc-512x512.jpeg
img.gamedistribution.com/ 60 KB
61 KB 71ms
69ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/32c7d860229a4aa0a74b1d822da576dc-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a36f7c78e452037815da53d242ee3def54012122259900c295f3fdeb0fc1203

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "1c7b88c7f8eeb39f4338bf8679e7325c"
age: 61787
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1652786584000
x-cache: Hit from cloudfront
content-length: 61552
x-amz-cf-id: Qa3TaFD46jJMOp-Bh6SnsxuzwN_luo5Qk1-7hH151V2CKkXNZ5bFng==
date: Sat, 07 Dec 2024 18:02:39 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:18:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 404 soccer-dash_2.webp
www.play5.freecase24.com/thumbs/ 1 KB
1 KB 105ms
103ms Image
text/html 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.play5.freecase24.com/thumbs/soccer-dash_2.webp
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 e5a9b8d8ba76482e8438a48aabef0d5e-512x512.jpeg
img.gamedistribution.com/ 301 KB
301 KB 72ms
70ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/e5a9b8d8ba76482e8438a48aabef0d5e-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4c4e286b78840663e49b877cdd311f5ea0ce7a4e1531c4807c887c41cda053d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

etag: "1b23af498b660a7df0bf22b5862566cb"
x-amz-version-id: null
age: 40468
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1623929899000
x-cache: Hit from cloudfront
content-length: 307736
x-amz-cf-id: 155BL6zQ6gdzlV5itQCJx0cnvGHBVezcbjkrRShvHmzqvGvmjTLMUg==
date: Sat, 07 Dec 2024 23:57:58 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:18:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: Origin

GET
H2 200 fb80af6083674e859ead72a38d2fd434-512x512.jpeg
img.gamedistribution.com/ 111 KB
112 KB 92ms
90ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/fb80af6083674e859ead72a38d2fd434-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73efa7b1034067f9c647332cd98ce8d02fa878f4a4d350156a0222dd821405cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

etag: "d87003395c2b7121040ec12e4922bad7"
x-amz-version-id: null
age: 24113
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1640716239000
x-cache: Hit from cloudfront
content-length: 114036
x-amz-cf-id: gpW9rqdLX9Y-x2SMHNCE89qTkeeZ28AWErf_O5OpXyA8kExfYLfZJA==
date: Sun, 08 Dec 2024 04:30:33 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:20:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: Origin

GET
H2 200 9bf09c483ca440f281a50ce50ef6515a-512x512.jpeg
img.gamedistribution.com/ 78 KB
78 KB 94ms
92ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/9bf09c483ca440f281a50ce50ef6515a-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00bb1a2fc09b3d0e14fa408bc1ef54695aee90b00b86868b21678bb6247cae5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "e2e34589d8c966b61bc813b8510b9e85"
age: 23927
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1641990381000
x-cache: Hit from cloudfront
content-length: 79813
x-amz-cf-id: frataAVwhgP-wwPBMLxdeNjirS5ERxiFN-4svbPf3l5jomvtnhWUvw==
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:19:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 200 f6bcae4375b74f8aaf12e7b1a318d9b0-512x512.jpeg
img.gamedistribution.com/ 35 KB
35 KB 88ms
86ms Image
image/jpeg 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/f6bcae4375b74f8aaf12e7b1a318d9b0-512x512.jpeg
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-32.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2541c8a5b3a9a84fa36ed3c801ee730290ec609c949afe8b4b0051778de0dc2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

x-amz-version-id: null
etag: "2d630edcd19abf8af962f2cd047eba5e"
age: 30848
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1631905870000
x-cache: Hit from cloudfront
content-length: 35532
x-amz-cf-id: JhOQjzl7pIJogDG8TQNcaBXr2hKszHP1vNCGuTuewDJcl5WY_7yucg==
date: Sun, 08 Dec 2024 02:38:18 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 09:20:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
vary: accept-encoding, Origin

GET
H2 404 toddie-summer-peak_2.webp
www.play5.freecase24.com/thumbs/ 1 KB
1 KB 105ms
104ms Image
text/html 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.play5.freecase24.com/thumbs/toddie-summer-peak_2.webp
Requested by: Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
pragma: no-cache
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: text/html
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 47ms
46ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 495
expires: Wed, 11 Dec 2024 11:12:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 8eec51ffee325d90-FRA
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/ 497 KB
153 KB 34ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: br
etag: 6831530709922679929
age: 26517
x-content-type-options: nosniff
expires: Mon, 08 Dec 2025 03:50:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 03:50:28 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 57ms
29ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.play5.freecase24.com
Referer: https://fonts.googleapis.com/

Response headers

age: 358713
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 07:33:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:33:52 GMT
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 55ms
27ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.play5.freecase24.com
Referer: https://fonts.googleapis.com/

Response headers

age: 358713
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 07:33:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:33:52 GMT
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 57ms
30ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.play5.freecase24.com
Referer: https://fonts.googleapis.com/

Response headers

age: 358713
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 07:33:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 07:33:52 GMT
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/ 118 KB
119 KB 53ms
27ms Font
font/woff2 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.play5.freecase24.com
Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css

Response headers

access-control-expose-headers: *
cf-cache-status: HIT
etag: W/"1d9d0-F9rQd2iZrRvq2r0GHDTioiss3nQ"
age: 707354
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=In3iY0aRmkh15BSVNDqhux4fvXLAUhS1J6yChu%2BgbVJFlDIcNvkkxMYc6TcCnCBIcq2eDpD7JvDdlCLoyf6VzT4JK4DthGvpRUyjRaLPDMypCET2R17A6lrZVJEmfEdCvYA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfExtPri
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: font/woff2
x-served-by: cache-fra-etou8220124-FRA, cache-lga21965-LGA
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eec52008f4d5c2c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 121296
server: cloudflare
x-jsd-version: 1.10.3

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 32ms
28ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.play5.freecase24.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "5eb03e5f-12d68"
age: 816032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BdPom%2BZ2imUoeCr58pMbGsZ8yq24uYBjS4U%2BbFBON4tPPZW82kFRaRxVeZwWSxpn3GaWtoZve488pUyup4j0f%2FZZKPGOcE2jWb8U2az%2B1aJQb2NUz7%2BpN91XH6qIm0ged01%2FVTwl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 11:12:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eec52006be0dc50-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
server: cloudflare

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 27ms
25ms Other
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: www.play5.freecase24.com
URL: https://www.play5.freecase24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 29041
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 03:08:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 03:08:24 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 23213413744 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 93ms
46ms Script
application/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/23213413744?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47b30b4714b43919e248987c562b07436fe7921b12a58a1eebe6dcccc4a4ead1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0WjBn4spkDHnTKHCa9uNSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:12:25 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EM85fZl0AxEUSV1ibgJjh6xVWDiAW4uGY-e_qLjaBjtfdZ5mVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAyNDEz1DEziCwwA_vtBMQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0WjBn4spkDHnTKHCa9uNSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxV8jEdau9zHQdS_hvLysQX7f65Rp0jVBWVfiR_X50ZsSAeJkO4HuDNtfpYivleoF81bxQgUnRJpm9qNARoVTByfkRAaCB3540VGJAtxp_0ihVnZ5gRkhYMf8uZ-d1sMKPMww2ESuw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
54ms Script
application/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV8jEdau9zHQdS_hvLysQX7f65Rp0jVBWVfiR_X50ZsSAeJkO4HuDNtfpYivleoF81bxQgUnRJpm9qNARoVTByfkRAaCB3540VGJAtxp_0ihVnZ5gRkhYMf8uZ-d1sMKPMww2ESuw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNjU2MzQ2LDI4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5wbGF5NS5mcmVlY2FzZTI0LmNvbS8iLG51bGwsW1s4LCJfOUVkcVY2Y0haVSJdLFs5LCJkZSJdLFsxNiwiWzAsMCwwXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMwN_1lH2pRZUGwxJHf1krQmKb2QnA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

657d4c15a2a26f6c7534ba9ebf686801bdc1d65d172bcb35a60ca6c6f4e0c408

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8cCYKwSfS805W2BewoQpCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:12:26 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBiOHHrNtMFIJb4-pJJA4id0mewBgFx681zrFOB2GjteVYnIE76d561CIgNFS6xOoJw0SVWTyBW7bnEagrE99ddYn0OxDPOX2ZdAMRFEldYm4CY4esVVg4gFuLmmPXv6i42gRcf96kqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGZjqGZjEFxgAAOmURi0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8cCYKwSfS805W2BewoQpCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 4 KB
438 B 266ms
235ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1633059173749968&correlator=2264177166848263&eid=31089352%2C31089354&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=23213413744%2C13%2CFreecase24_responsive%2CGame&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=414x300%7C450x50%7C420x250%2C444x50%7C400x90%2C400x250%7C410x50%2C300x100%7C350x80%7C310x75%2C300x50%2C300x50%7C320x100&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1733656346038&lmt=1733656346&adxs=-9%2C-9%2C563%2C-9%2C-9%2C-9&adys=-9%2C-9%2C140%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.play5.freecase24.com%2F&vis=1&psz=0x-1%7C0x-1%7C475x2618%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C475x50%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733656344060&idt=1776&adks=622596663%2C1868485348%2C2988281908%2C2779091547%2C2013794907%2C915046100&frm=20&eoidce=1&td=1&egid=60979&tan=c1f75320-1753-434c-b6cd-34fef0a873b9%2Cc1f75320-1753-434c-b6cd-34fef0a873ba%2Cc1f75320-1753-434c-b6cd-34fef0a873bb%2Cc1f75320-1753-434c-b6cd-34fef0a873bc%2Cc1f75320-1753-434c-b6cd-34fef0a873bd%2Cc1f75320-1753-434c-b6cd-34fef0a873be&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bc4d0fc02d974ce19a88f27f12909dab122eee92261939c394a800aa71a2024b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: br
google-lineitem-id: -2,-2,-2,-2,-2,-2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 11:12:26 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2,-2,-2,-2,-2,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.play5.freecase24.com
content-length: 409
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
ee44a078b670b5e88f06982c46df4599.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5219 0
0 79ms
23ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee44a078b670b5e88f06982c46df4599.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.play5.freecase24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 11:12:26 GMT
expires: Sun, 08 Dec 2024 11:12:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 57ms
33ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

37de1fa463d8b25adc16ff6b0fd6101e0549d4389e1c88617cb1394c371b24c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13274
date: Sun, 08 Dec 2024 11:12:26 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 favicon.ico
www.play5.freecase24.com/images/ 194 KB
73 KB 111ms
111ms Other
image/x-icon 52.5.109.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.play5.freecase24.com/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-109-247.compute-1.amazonaws.com
Software: LiteSpeed /
Resource Hash: 4bd61759571f88cc41a64bb87ed5a529a5fe94f6786ff62163911cbec0fc5000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

cache-control: public, max-age=604800
content-encoding: br
etag: "30698-67529995-1f90e4;br"
expires: Sun, 15 Dec 2024 11:12:26 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 74699
date: Sun, 08 Dec 2024 11:12:26 GMT
last-modified: Fri, 06 Dec 2024 06:28:37 GMT
content-type: image/x-icon
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 133ms
24ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.play5.freecase24.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:12:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:12:26 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame CF25 0
0 47ms
14ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.play5.freecase24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 10:44:15 GMT
expires: Sun, 08 Dec 2024 11:34:15 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030101&jk=1633059173749968&bg=!hoWlhcrNAAaIaF9IqGg7ADQBe5WfOJzddsj1FWDo0hedT-D4VUM3aKtrHcBFzfGoffzicLJ6igtHuH2s_hnTngGSGXu4AgAAAEtSAAAAA2gBB34ANnqIZKgUXkmLvNqMnSRmxo-r_auaav0zSy8KZki3EkE26AXr3G6TjAn8BQUXanynIlYrx0MjoZkCqlffJy9apCi4u0ley7JHZGTMZJbOeMqNksTXNB9WfrKpc4xVSt15PU15uT_XlyvyewNmiNJzvj0j6UZ6uPUthpNCxXwe7QeM1EPInSsJSsCZloZHMewjxD8lTT5YwAyYyvtVTqT4rq8-8_yOjprsiy-_QKTZfx-195idsmdX1ivUX-OR7bumgqQh584trOfc0zF354DrFkStJywNQuIULzw8JkN9T351pa8rMSaJ5rkx-gkSBIWU3Jx7ci_rI8pwMgzWW_kA4np9g6lte76sDnjeHHUggQlnZJFBqcd0cIyGFaSEvMivwaE3OQRbCvrIBWIIlFXIUu15HAw7JVf6BrSdokIR6QROTVfDqzMat9TbE485snEuWQiLTdsRJw6xwYdakiLwx1ds4j4mTp-_gXO2Fl_0Y4HG_3q6FB8GypK8jqMxuaV99Is_41RYRqZusNl1eMODpeMqHdsBEZKsqRebrio4W_P6fuAZtHMy7SAelQXuWTrpN5QiexuDjZ1G36p0e18g2CDluGdqDzNyh-TxN7pUSAvLW4VhG43HKi12L9kHWxA2ou8LWyTzQcejiJbStdqojrEzcopCb68dSSQd3oxW8-X-5iDGWLnyryl8QWE-jQTkpSTvnn9EfKwuKP5rmCPb4ZO-H5Lns8u5_ySUDgd0pnJX22rHr-HUAH0IRDa3NB5DFoEK3TVMnFz93MGhSbgX_1BsiT5I9TGuurlkhwJYQdZ9jE58wjLjudwuGeP8CroN_sQ1KRDKI7BOcqAp9R0aiIoyryy_LyNLG_XWL8IyiDSSmnXiPe0wNgYPC3IEqXUFzRT68JZ-7qnCSHcE66y9MSlUO_UilDntUFH_BisVx5DJyV-dw14d03qm46FV7DjbzTfaeOMi06FiIXHrzatB4VAnnyU

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.onesignal.com/	1970-01-21 01:34:18	Name: __cf_bm Value: HGb0GKfaAxpkWPbpFPNKHFQU5lCq6uF8JAVJhfXjZEY-1733656344-1.0.1.1-Zq19wmr9gEmQhpkinBuZjGXrpuZCliWu2bgFHub.Nw0qYkaNQcSJH_FC9KxT7NnRWKZTwCCAdwLSD3yw9Oia3w
			.freecase24.com/	1970-01-21 05:53:28	Name: __eoi Value: ID=20716bd22fb6c322:T=1733656346:RT=1733656346:S=AA-AfjZSAHPe4N67ou3X-zTMBfht

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.play5.freecase24.com/thumbs/boys-style-up_2.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.play5.freecase24.com/thumbs/ball-tower-of-hell_2.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.play5.freecase24.com/thumbs/ninja-crossword-challenge_2.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.play5.freecase24.com/thumbs/soccer-dash_2.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.play5.freecase24.com/thumbs/toddie-summer-peak_2.webp Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
ee44a078b670b5e88f06982c46df4599.safeframe.googlesyndication.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
freecase24.com
fundingchoicesmessages.google.com
img.gamedistribution.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.atmhtml5games.com
www.play5.freecase24.com
ep1.adtrafficquality.google
104.17.111.223
104.17.24.14
104.18.186.31
13.33.187.32
142.250.181.226
142.250.184.227
172.217.18.2
216.58.206.34
2606:4700::6812:ba1f
2a00:1450:4001:803::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a02:4780:11:1748:0:20ad:843d:9
2a04:4e42:400::649
52.5.109.247
00bb1a2fc09b3d0e14fa408bc1ef54695aee90b00b86868b21678bb6247cae5a
07f971eb323049d1c8de076ecb36356d354aa8414682c18eaed29251ade853af
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
2541c8a5b3a9a84fa36ed3c801ee730290ec609c949afe8b4b0051778de0dc2b
28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30619a9e74ec70c66116a117ef4d2c92467e398020d37ae558688d62640d2845
334673f012f4193cebc23050c4619937fff488edfe2349b69486784f19660025
37de1fa463d8b25adc16ff6b0fd6101e0549d4389e1c88617cb1394c371b24c8
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3f74ed96e0b2bc458ea4bb67abc2adde84807ebc2ebeedc9c984159919b6279c
4478dbd9b1a80cb29fc7d7ceba1d332493cafe88f82688814e31a561884ca701
47b30b4714b43919e248987c562b07436fe7921b12a58a1eebe6dcccc4a4ead1
4a36f7c78e452037815da53d242ee3def54012122259900c295f3fdeb0fc1203
4bd61759571f88cc41a64bb87ed5a529a5fe94f6786ff62163911cbec0fc5000
52b6b056dc15cbbb63356cda9b6a4e41c18e94e15adf4d4c3aff16bf7e230859
641f4f2ff7615a7cc795e07d03797c64efb8bfb9887a3546e7580c14bedf138b
648eae21db33e75721a3ec973331b7a0813f27ea3cb6a2d8ef99b29659b192bd
64a267405cbf302a22d9ea0ae2bed8c93cdc3365994de65a76778771aa6d271d
657d4c15a2a26f6c7534ba9ebf686801bdc1d65d172bcb35a60ca6c6f4e0c408
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43
6bb975671426f197e7b092c2bbeb5ca148d4a3a5a8c8e131c742d9a35c09e908
728e5847d55dc4e276a47f82136567322c0347afb80fbc73d5077fd5b67545dd
73efa7b1034067f9c647332cd98ce8d02fa878f4a4d350156a0222dd821405cf
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80aa1939fa8cbb3dd8f0880ebe4f07039923e7355890fca13f2e362fa42e5ee4
8a2348b00fe9d09f3d2ff4f827f894a7ae926d24ac41b545b7d4b4b292a8ddda
8ae0ac7fa236fc5c16ba5986cd7e03ed30d96e17724fd9697ea931404a5e9e14
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
9773a654edd298605dd4d76f52d54d002faf7cb75fea8751995f4bc72be80ab7
a2d7c39312ee92f81173e6dfb69141f9ed85912d3fa69267147275dbe4693649
a5e857dc5f5efa1ca90e2a2a7bdbaa266c9dcb20c7c059b4e0a726f239a1bec9
b4e8e394be768ebeb4712b8cf516925a4b042d85590aa2a87a60bf88169c87a8
b750990c79ec4dd21bf9ad8e8db216580460e00fda22a193de7a1ab8f4b98b81
b9b2009a9d069f7bf7b0a63a4864b259d60fa9c15590e2d1ce563a3287599a11
bb42aad1c0c20ea267290f261ee1bb0c9075cb6a2ba93e306940568bb8f04e91
bc4d0fc02d974ce19a88f27f12909dab122eee92261939c394a800aa71a2024b
be61ed38c9deab43069447a9657439d97ac33403d0bc5653a7d2423767ffd991
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d4c4e286b78840663e49b877cdd311f5ea0ce7a4e1531c4807c887c41cda053d
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e3bb7dde9e4990f3453e89cb2cdba6b02c351d02ae147e9e16df41990292ef71
e5f79d38819c9e88959c018c51df06e73f0d414e8e274464d45248f4954e134d
e686af8620ca6695f6ad0976126cd569f59a188212ba6b8ec77e59f8a0fb35b3
e7c8215e79cc77a4303f5034b751ea10982b5f75ac00a9121ecff9fdb7b7cdaa
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
faf705621c5404559147e21afb4e0cd3811aa777afad49a686921428ed3299f2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.play5.freecase24.com Open in urlscan Pro 52.5.109.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

44 %IPv6

13 Domains

16 Subdomains

17 IPs

4 Countries

3811 kBTransfer

5512 kBSize

2 Cookies

7 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.play5.freecase24.com Open in urlscan Pro
52.5.109.247 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

44 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

3811 kB
Transfer

5512 kB
Size

2
Cookies

59 HTTP transactions
0 data transactions