j93i-jogosdecassino.somee.com Open in urlscan Pro
198.37.116.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Submission: On August 02 via api (August 2nd 2023, 11:50:57 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 17 domains to perform 24 HTTP transactions. The main IP is 198.37.116.25, located in United States and belongs to DC74-AS, US. The main domain is j93i-jogosdecassino.somee.com.

This is the only time j93i-jogosdecassino.somee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	198.37.116.25 198.37.116.25	17216 (DC74-AS) (DC74-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2b1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:d44a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:44f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	82.223.3.55 82.223.3.55	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 2	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
24	16

3 198.37.116.25 (United States)

ASN17216 (DC74-AS, US)

j93i-jogosdecassino.somee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b1b (United States)

ASN13335 (CLOUDFLARENET, US)

www.slotsup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tragamonedasx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freeslots247.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:816 (United States)

ASN13335 (CLOUDFLARENET, US)

image.winudf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.androidhackers.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d44a (United States)

ASN13335 (CLOUDFLARENET, US)

realonlineslotscanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:44f2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.neonslots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vegasmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.223.3.55 (Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

www.casinos-online.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.206.208.114 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	353 KB
3	somee.com j93i-jogosdecassino.somee.com	157 KB
2	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 2760	628 B
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	175 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	33 KB
1	freeslots247.org freeslots247.org	64 KB
1	casinos-online.es www.casinos-online.es	77 KB
1	vegasmaster.com www.vegasmaster.com	94 KB
1	neonslots.com cdn.neonslots.com	55 KB
1	realonlineslotscanada.com realonlineslotscanada.com	82 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 122	224 KB
1	androidhackers.io cdn.androidhackers.io	97 KB
1	winudf.com image.winudf.com — Cisco Umbrella Rank: 58205	612 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	5 KB
1	tragamonedasx.com tragamonedasx.com	170 KB
1	slotsup.com www.slotsup.com	211 KB
0	Failed function sub() { [native code] }. Failed
24	17

	Domain	Requested by
5	www.googletagmanager.com	j93i-jogosdecassino.somee.com
3	j93i-jogosdecassino.somee.com	j93i-jogosdecassino.somee.com
2	s7.addthis.com	1 redirects j93i-jogosdecassino.somee.com
2	pagead2.googlesyndication.com	j93i-jogosdecassino.somee.com pagead2.googlesyndication.com
1	ajax.googleapis.com	j93i-jogosdecassino.somee.com
1	freeslots247.org	j93i-jogosdecassino.somee.com
1	www.casinos-online.es	j93i-jogosdecassino.somee.com
1	www.vegasmaster.com	j93i-jogosdecassino.somee.com
1	cdn.neonslots.com	j93i-jogosdecassino.somee.com
1	realonlineslotscanada.com	j93i-jogosdecassino.somee.com
1	i.ytimg.com	j93i-jogosdecassino.somee.com
1	cdn.androidhackers.io	j93i-jogosdecassino.somee.com
1	image.winudf.com	j93i-jogosdecassino.somee.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	tragamonedasx.com	j93i-jogosdecassino.somee.com
1	www.slotsup.com	j93i-jogosdecassino.somee.com
0	91.215.152.128 Failed	j93i-jogosdecassino.somee.com
24	17

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
slotsup.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
tragamonedasx.com E1	`2023-07-12` - `2023-10-10`	3 months	crt.sh
winudf.com GTS CA 1P5	`2023-06-14` - `2023-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-18`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
realonlineslotscanada.com GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
neonslots.com E1	`2023-07-12` - `2023-10-10`	3 months	crt.sh
vegasmaster.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
casinos-online.es R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
freeslots247.org GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Frame ID: 096363456A41E301B27C2EB6DD824234
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html
Frame ID: C3F77C38936B09285439840CC02F920B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

79 %
HTTPS

80 %
IPv6

17
Domains

17
Subdomains

16
IPs

3
Countries

2409 kB
Transfer

3460 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request page-459-2023-10-22.html Show response
j93i-jogosdecassino.somee.com/bonus/ 35 KB
36 KB 1008ms
398ms Document
text/html 198.37.116.25
DC74-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: HTTP/1.1
Server: 198.37.116.25 , United States, ASN17216 (DC74-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c0dc0560b57f9e92343e5ab875588819706da854d630ca20346a875080197e97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 36157
Content-Type: text/html
Date: Wed, 02 Aug 2023 23:50:17 GMT
ETag: "3536b2ae2b5d91:0"
Last-Modified: Wed, 12 Jul 2023 20:51:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK bootstrap.min.css
j93i-jogosdecassino.somee.com/css/ 119 KB
120 KB 121ms
121ms Stylesheet
text/css 198.37.116.25
DC74-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://j93i-jogosdecassino.somee.com/css/bootstrap.min.css
Requested by: Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: HTTP/1.1
Server: 198.37.116.25 , United States, ASN17216 (DC74-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 23:50:17 GMT
Last-Modified: Wed, 12 Jul 2023 20:52:44 GMT
Server: Microsoft-IIS/10.0
ETag: "b24180ce2b5d91:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 122184

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 61ms
33ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b02a9195a2380ab3b1dff30f7782a9c64f8a250ab200f7037f981542ed9da1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://j93i-jogosdecassino.somee.com/
Origin: http://j93i-jogosdecassino.somee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50578
x-xss-protection: 0
server: cafe
etag: 17928899698407239867
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 23:50:17 GMT

GET
H/1.1 200
OK qwertymin.js Show response
j93i-jogosdecassino.somee.com/css/ 1 KB
2 KB 230ms
117ms Script
application/javascript 198.37.116.25
DC74-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://j93i-jogosdecassino.somee.com/css/qwertymin.js
Requested by: Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: HTTP/1.1
Server: 198.37.116.25 , United States, ASN17216 (DC74-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 23:50:17 GMT
Last-Modified: Wed, 12 Jul 2023 20:52:43 GMT
Server: Microsoft-IIS/10.0
ETag: "4471eccd2b5d91:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1365

GET
H2 200 fruit-mania-deluxe-wazdan-casino-slots.png
www.slotsup.com/wp-content/uploads/ 211 KB
211 KB 258ms
232ms Image
image/webp 2606:4700:3108::ac42:2b1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.slotsup.com/wp-content/uploads/fruit-mania-deluxe-wazdan-casino-slots.png

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bfc0c76b4af9042437d3413c2ba3119e321653c1fc5abbdcb7ae66404bb9d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=241636
content-disposition: inline; filename="fruit-mania-deluxe-wazdan-casino-slots.webp"
content-length: 215782
last-modified: Thu, 05 Dec 2019 09:44:30 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5de8d17e-3afe4"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f0a38ecdda53617-FRA
expires: Tue, 31 Oct 2023 14:20:47 GMT

GET
H2 200 Oil-Mania-NextGen-Gaming.png
tragamonedasx.com/wp-content/uploads/sites/10040/2016/06/ 169 KB
170 KB 113ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tragamonedasx.com/wp-content/uploads/sites/10040/2016/06/Oil-Mania-NextGen-Gaming.png

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59736175858c18164c66cb1ee32aa99ef5255c71efe8274a98afaca9e193db9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:18 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 172830
last-modified: Wed, 01 Jun 2016 13:21:00 GMT
server: cloudflare
etag: "574ee13c-2a31e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKtn8IOpCl8hcAET0vfJGOQQ0d0BBATwz3jfKOtMpPSKVYURMNzc26geSBYCLyCVdDcho5YDmYPrvdDL2XJDEs2AnEZeEvGGSs1KT6dWPugArI5vjCOp1jqa1uFsDOgDjGBjyTEll8HvshrsOfU1%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f0a38ef9fb7373b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/ 372 KB
125 KB 69ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=j93i-jogosdecassino.somee.com&bust=31076701

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d6d5c919700d11f780023287d79a727b7d228afd1c33c609ea7b78f05ea9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128287
x-xss-protection: 0
server: cafe
etag: 5748259974647580639
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 23:50:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/ Frame C3F7 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://j93i-jogosdecassino.somee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 07:15:50 GMT
etag: 12368291122986407432
expires: Wed, 16 Aug 2023 07:15:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 screen-6.jpg
image.winudf.com/v2/image1/c2xvdHMubWFuaWFnYW1lcy5jYXNpbm8uamFja3BvdC5tYWdpYy5wYXJ0eV9zY3JlZW5fNl8xNTQzMTI3MzY0XzA0NA/ 611 KB
612 KB 44ms
15ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image1/c2xvdHMubWFuaWFnYW1lcy5jYXNpbm8uamFja3BvdC5tYWdpYy5wYXJ0eV9zY3JlZW5fNl8xNTQzMTI3MzY0XzA0NA/screen-6.jpg?fakeurl=1

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dca68d46c4417857d3a57560cda630115d2777ed9d1480ebb161f40b74af8081

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130761
cf-polished: origSize=667195
x-cache: MISS
content-length: 625714
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: 73a4940a
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Znox%2F3cZfO8h%2BRnqa%2BwSJvgLsGa0Clm8Xv7HQnKayNHMA1D%2BINh9NCWGJTLf28I5TeMHJF3JzkQeZY4OWEBtqt4PoBDFrPDJqtNKIRk%2BnJkMCks4%2FtkCq0NrDf2w0iHcAyBXy7OOOElfUPpyEho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f0a38f11d3b3630-FRA

GET
H2 200 Slotomania-Slots-Casino.jpg
cdn.androidhackers.io/2019/06/ 97 KB
97 KB 232ms
192ms Image
image/jpeg 2606:4700:20::681a:a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.androidhackers.io/2019/06/Slotomania-Slots-Casino.jpg
Requested by: Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3162103eb03379cd7eaf161f32c0fccb0b482792c46dcfc0a3d5ce7b7a0dd911

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:19 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Jun 2019 08:29:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4T9Wi3N31YnDAWdDxcKjo0PmpIrQhCSk4FMJxg26Y3O2WM5QrWkQQRvTXC3Ht2Gym3nydkePW5CuK5eXlLNMbQ929uewWYkwsfWYjwNFB7qdhvWUEV4cddb7gKFsYWFPRvbdlO12Mb%2FboybPdDe91bQLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2678400
cluster-host: cloud.apkgamescrack.com
accept-ranges: bytes
cf-ray: 7f0a38f19e274db3-FRA
content-length: 98864
expires: Thu, 30 Nov 2023 23:50:19 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/dl1xNcD3djk/ 224 KB
224 KB 111ms
81ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dl1xNcD3djk/maxresdefault.jpg

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2623a4b32a5cb525457d40056cff4c786e40656e3314b08eded42b178079c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:19 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229253
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Aug 2023 01:50:19 GMT

GET
H2 200 c4c790073a587031e6ff-768x512.jpg
realonlineslotscanada.com/wp-content/uploads/2018/12/ 81 KB
82 KB 111ms
80ms Image
image/jpeg 2606:4700:3031::ac43:d44a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://realonlineslotscanada.com/wp-content/uploads/2018/12/c4c790073a587031e6ff-768x512.jpg
Requested by: Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d44a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: addc0396204d198a5c61bd8fbcdfe9ae21a8957defe73af8fd1ccfcd74c8115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:19 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 23 Dec 2018 11:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c1f6f64-14505"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nBLs29%2BIpc9oQnvNlHRtRXW0g9ROf7tZcKSAHfK8FvgbmWgJx5orRxRgd8I54vMwMGN54Yam2i7CMsrmo19AZAs1bWXpzXTRmkvFoqQTe9llTi7bYeoZyEvqEX0go3d1T8bsgO4QyIOjE51jIXcctrnZ3LvWJ8M"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f0a38f3ecb1363e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 83205

GET
H2 200 00.jpg
cdn.neonslots.com/content/thumbs/600x450/New_4_screenshots/Oil_Mania/ 54 KB
55 KB 71ms
16ms Image
image/jpeg 2606:4700:3033::6815:44f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.neonslots.com/content/thumbs/600x450/New_4_screenshots/Oil_Mania/00.jpg
Requested by: Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:44f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e29096fcad942b8536b9cddb21dd19380427f3abf9810d5096da3ae5ddeefd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 55615
pragma: public
last-modified: Mon, 26 Apr 2021 13:39:18 GMT
server: cloudflare
etag: "6086c286-d93f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFnVHeWcL97a8eyvS24Ok1Z4aJiO1NcQIQunZvw5Xcrt%2B8iFoRqMqwL0%2F1yoGF7BpHXup%2BLnkbUUqQLRdINMjLsBtA9SyUGInIBLwm5WHOqVt5HAIMeBegiI4aXHSjchjJ4SeHTlXlt0a9Ppm7oRmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=24192000
accept-ranges: bytes
cf-ray: 7f0a38f4dd36364e-FRA
expires: Wed, 08 May 2024 17:18:44 GMT

GET
H2 200 oil-mania-3.jpg
www.vegasmaster.com/de/wp-content/uploads/2013/10/ 93 KB
94 KB 99ms
71ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vegasmaster.com/de/wp-content/uploads/2013/10/oil-mania-3.jpg

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e0a7bed8f68707c6f671b2321fa2273c6fe969c624f3b822403cf03471546e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:19 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 95107
last-modified: Wed, 21 Dec 2016 21:49:21 GMT
server: cloudflare
etag: "585af8e1-17383"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tgWra%2FzLjW%2FQ7YgVhINkYBtVqtRJSGX%2BPWWmhkr%2FXpKLtPCKzSGXd%2FOQt7uAgGxVgbpL%2BTp2maT87KDqQzJfj7l8V5Su3W4zeCWqDkbjCW7%2FuxPq%2FX%2FY0T91p6Q%2BTQY3OokoYt7ZubY8Ga2KyfCpgLb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7f0a38f52be15c6e-FRA
expires: Wed, 16 Aug 2023 23:50:12 GMT

GET
H2 200 oil-mania-juega-gratis.jpg
www.casinos-online.es/pictures/ 77 KB
77 KB 201ms
41ms Image
image/webp 82.223.3.55
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.casinos-online.es/pictures/oil-mania-juega-gratis.jpg
Requested by: Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.223.3.55 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 239d45369ec6241194ab8ae62a70d0bce76c5803ea15877fd0b58863453df820

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Aug 2023 23:50:19 GMT
last-modified: Fri, 16 Jul 2021 08:52:43 GMT
server: nginx
etag: "60f148db-13278"
vary: Accept
content-type: image/webp
cache-control: max-age=15552000, public
accept-ranges: bytes
content-length: 78456
expires: Mon, 29 Jan 2024 23:50:19 GMT

GET
H2 200 free-oil-mania17.jpg
freeslots247.org/i/s/91/ 64 KB
64 KB 824ms
767ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freeslots247.org/i/s/91/free-oil-mania17.jpg
Requested by: Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4261fc245d2f8e0e69e7a05d2a9fcd1ed1e123a5a0999f75acb363f85301697b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:20 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 01 Aug 2023 11:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ5xysGDB6M0XqbdbzWaaNXq79afgSw2kabgNqiPqXppcpcXKIMbKNbC58jvw82hxtf1I%2Bl%2BLbL2O6ekxQedp0k5ot%2FQ%2FAS%2BDRmCmuQ%2FJZxEEVIDaVTuMgIQdMvXtFHuDTym%2FSMBVT0CvKXKh6iJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
cf-ray: 7f0a38f7cb9a363b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 12:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 12:20:56 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

56 B
361 B

57ms
17ms

Script
text/javascript

23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Aug 2023 23:50:18 GMT
server: Oracle API Gateway
opc-request-id: /9DE067F85711F616FB9C9C1C969EB649/1EBD5926AE2CF5FFAB42981DEFD2108C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

Redirect headers

Date: Wed, 02 Aug 2023 23:50:18 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 43ms
23ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bebba29c28541c1dc7797986626dfe63c1a135e8e5cd1bd8c802ced99f02b61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 02 Aug 2023 23:50:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
84 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d91e33a4bb66e4c005f9763541f0504ec303763ce7ed66fdb01b4c42c1eebc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 02 Aug 2023 23:50:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-96521599-1

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6e793b9cb1e4a538e7ad2e9b5ebead8fcc3b9a72338ae00c87bd2024a18abd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61667
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 22:09:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Aug 2023 23:50:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199856617-1

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b9fae643eda10bb016edf6b620994c12b23c579bdbac516264edd36cd57ec28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61669
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 22:09:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Aug 2023 23:50:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162690612-1

Requested by

Host: j93i-jogosdecassino.somee.com
URL: http://j93i-jogosdecassino.somee.com/bonus/page-459-2023-10-22.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d67f1d060af0f42664f0ba2739aad3a78e3dfd2ffb6dfa0fd630ec38a44c285f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://j93i-jogosdecassino.somee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 23:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61623
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 22:09:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Aug 2023 23:50:21 GMT

GET bronline
91.215.152.128/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 91.215.152.128
URL: http://91.215.152.128/bronline?default_keyword=Slot+gratis+Oil+Mania

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slot+gratis+Oil+Mania, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slot+gratis+Oil+Mania, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91.215.152.128
ajax.googleapis.com
cdn.androidhackers.io
cdn.neonslots.com
freeslots247.org
googleads.g.doubleclick.net
i.ytimg.com
image.winudf.com
j93i-jogosdecassino.somee.com
pagead2.googlesyndication.com
realonlineslotscanada.com
s7.addthis.com
tragamonedasx.com
www.casinos-online.es
www.googletagmanager.com
www.slotsup.com
www.vegasmaster.com
91.215.152.128
198.37.116.25
23.206.208.114
2606:4700:20::681a:816
2606:4700:20::681a:a5
2606:4700:3031::ac43:d44a
2606:4700:3033::6815:44f2
2606:4700:3108::ac42:2b1b
2a00:1450:4001:803::2016
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a06:98c1:3120::3
2a06:98c1:3121::3
82.223.3.55
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
0e29096fcad942b8536b9cddb21dd19380427f3abf9810d5096da3ae5ddeefd7
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
239d45369ec6241194ab8ae62a70d0bce76c5803ea15877fd0b58863453df820
2d6d5c919700d11f780023287d79a727b7d228afd1c33c609ea7b78f05ea9a06
3162103eb03379cd7eaf161f32c0fccb0b482792c46dcfc0a3d5ce7b7a0dd911
4261fc245d2f8e0e69e7a05d2a9fcd1ed1e123a5a0999f75acb363f85301697b
4bfc0c76b4af9042437d3413c2ba3119e321653c1fc5abbdcb7ae66404bb9d70
50e0a7bed8f68707c6f671b2321fa2273c6fe969c624f3b822403cf03471546e
59736175858c18164c66cb1ee32aa99ef5255c71efe8274a98afaca9e193db9c
5e2623a4b32a5cb525457d40056cff4c786e40656e3314b08eded42b178079c3
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
8b9fae643eda10bb016edf6b620994c12b23c579bdbac516264edd36cd57ec28
addc0396204d198a5c61bd8fbcdfe9ae21a8957defe73af8fd1ccfcd74c8115f
b02a9195a2380ab3b1dff30f7782a9c64f8a250ab200f7037f981542ed9da1ce
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b6e793b9cb1e4a538e7ad2e9b5ebead8fcc3b9a72338ae00c87bd2024a18abd3
bebba29c28541c1dc7797986626dfe63c1a135e8e5cd1bd8c802ced99f02b61c
c0dc0560b57f9e92343e5ab875588819706da854d630ca20346a875080197e97
d67f1d060af0f42664f0ba2739aad3a78e3dfd2ffb6dfa0fd630ec38a44c285f
d91e33a4bb66e4c005f9763541f0504ec303763ce7ed66fdb01b4c42c1eebc07
dca68d46c4417857d3a57560cda630115d2777ed9d1480ebb161f40b74af8081
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

j93i-jogosdecassino.somee.com Open in urlscan Pro 198.37.116.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

79 %HTTPS

80 %IPv6

17 Domains

17 Subdomains

16 IPs

3 Countries

2409 kBTransfer

3460 kBSize

0 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

j93i-jogosdecassino.somee.com Open in urlscan Pro
198.37.116.25 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

80 %
IPv6

17
Domains

17
Subdomains

16
IPs

3
Countries

2409 kB
Transfer

3460 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions