URL: http://apostaslive.bitcoincasinousa.com/
Submission Tags: phish.gg, anti.fish, automated
Submission: On June 03 via api from DE — Scanned from DE

Summary

This website contacted 25 IPs in 8 countries across 23 domains to perform 79 HTTP transactions. The main IP is 198.58.116.74, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is apostaslive.bitcoincasinousa.com.
This is the only time apostaslive.bitcoincasinousa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 198.58.116.74 63949 (AKAMAI-LI...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 104.18.19.47 13335 (CLOUDFLAR...)
1 2 104.18.18.47 13335 (CLOUDFLAR...)
3 75.102.57.54 23352 (SERVERCEN...)
3 83.147.204.12 202492 (SGHL1-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 93.191.195.99 209924 (MLBLTD-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2620:1ec:bdf::45 8075 (MICROSOFT...)
5 83.147.204.132 202492 (SGHL1-AS)
1 40.127.232.184 8075 (MICROSOFT...)
1 83.147.205.153 202492 (SGHL1-AS)
17 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.201.147.169 24940 (HETZNER-AS)
1 46.8.8.100 60592 (GRANSY Gr...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
1 216.18.168.28 29789 (REFLECTED)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.69.68.15 8075 (MICROSOFT...)
6 199.59.243.223 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
79 25
Apex Domain
Subdomains
Transfer
17 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8684
184 KB
11 apostaslive.com
apostaslive.com
87 KB
10 bannerflow.com
cdn.bannerflow.com — Cisco Umbrella Rank: 61431
575e53c686585416146c4c3c.tracker.bannerflow.com
scripts.host.bannerflow.com — Cisco Umbrella Rank: 495231
60 KB
7 retaraka.ru
retaraka.ru
ww82.retaraka.ru
27 KB
5 refpasrasw.world
refpasrasw.world
38 KB
4 eacdn.com
wloddsring.adsrv.eacdn.com Failed
wlpartnersonly.adsrv.eacdn.com
wlpartnersonly.eacdn.com
18 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
109 KB
3 refbanners.com
refbanners.com — Cisco Umbrella Rank: 952321
3 KB
3 apostas.mobi
www.apostas.mobi
102 KB
3 betwaypartners.com
betwaypartners.com
www.betwaypartners.com
15 KB
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 10023
1 KB
1 googlesyndication.com
afs.googlesyndication.com — Cisco Umbrella Rank: 12385
1 KB
1 trafforsrv.com
trafforsrv.com — Cisco Umbrella Rank: 147986
505 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9719
492 B
1 ufpcdn.com
ufpcdn.com — Cisco Umbrella Rank: 196173
1 KB
1 22betpartners.com
trk.22betpartners.com
3 KB
1 affpa.top
affpa.top — Cisco Umbrella Rank: 501159
113 KB
1 leovegas.com
ads.leovegas.com
893 B
1 entainpartners.com
mediaserver.entainpartners.com — Cisco Umbrella Rank: 197110
740 B
1 gvcaffiliates.com
mediaserver.gvcaffiliates.com
314 B
1 gstatic.com
fonts.gstatic.com
26 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 66
1 KB
1 bitcoincasinousa.com
apostaslive.bitcoincasinousa.com
8 KB
79 23
Domain Requested by
17 c.bannerflow.net ads.leovegas.com
c.bannerflow.net
11 apostaslive.com apostaslive.bitcoincasinousa.com
8 cdn.bannerflow.com mediaserver.entainpartners.com
cdn.bannerflow.com
6 ww82.retaraka.ru retaraka.ru
ww82.retaraka.ru
5 refpasrasw.world apostaslive.bitcoincasinousa.com
refpasrasw.world
3 www.google.com ww82.retaraka.ru
www.google.com
3 wlpartnersonly.eacdn.com wlpartnersonly.adsrv.eacdn.com
3 refbanners.com apostaslive.bitcoincasinousa.com
refbanners.com
3 www.apostas.mobi apostaslive.bitcoincasinousa.com
2 afs.googleusercontent.com www.google.com
2 betwaypartners.com 2 redirects
1 afs.googlesyndication.com
1 scripts.host.bannerflow.com cdn.bannerflow.com
1 575e53c686585416146c4c3c.tracker.bannerflow.com cdn.bannerflow.com
1 trafforsrv.com apostaslive.bitcoincasinousa.com
1 my.rtmark.net apostaslive.bitcoincasinousa.com
1 ufpcdn.com trk.22betpartners.com
1 retaraka.ru trk.22betpartners.com
1 trk.22betpartners.com refpasrasw.world
1 affpa.top refbanners.com
1 wlpartnersonly.adsrv.eacdn.com apostaslive.bitcoincasinousa.com
1 ads.leovegas.com apostaslive.bitcoincasinousa.com
1 mediaserver.entainpartners.com apostaslive.bitcoincasinousa.com
1 mediaserver.gvcaffiliates.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 www.betwaypartners.com apostaslive.bitcoincasinousa.com
1 fonts.googleapis.com apostaslive.bitcoincasinousa.com
1 apostaslive.bitcoincasinousa.com
0 wloddsring.adsrv.eacdn.com Failed apostaslive.bitcoincasinousa.com
79 29
Subject | Issuer | Validity | Valid
apostas.mobi | cPanel, Inc. Certification Authority | 2023-04-29 - 2023-07-28 | 3 months
*.refbanners.com | R3 | 2023-04-09 - 2023-07-08 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-07 - 2024-02-06 | a year
ntrfr.gogocasino.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-03 - 2023-10-23 | 9 months
*.refpasrasw.world | R3 | 2023-05-25 - 2023-08-23 | 3 months
*.adsrv.eacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-18 - 2023-08-15 | a year
ia-prod-azurecdn.eacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-29 - 2023-11-30 | a year
*.affpa.top | R3 | 2023-03-18 - 2023-06-16 | 3 months
trk.22betpartners.com | R3 | 2023-04-13 - 2023-07-12 | 3 months
*.retaraka.ru | R3 | 2023-05-21 - 2023-08-19 | 3 months
ufpcdn.com | GTS CA 1P5 | 2023-05-10 - 2023-08-08 | 3 months
rtmark.net | R3 | 2023-05-06 - 2023-08-04 | 3 months
*.trafforsrv.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-03 - 2023-11-16 | a year
*.tracker.bannerflow.com | R3 | 2023-05-29 - 2023-08-27 | 3 months
www.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
bannerflow.com | Cloudflare Inc ECC CA-3 | 2022-12-26 - 2023-12-26 | a year
*.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months

This page contains 13 frames:

Primary Page: http://apostaslive.bitcoincasinousa.com/
Frame ID: DD749939EBB3CFBB543136B138763D8D
Requests: 18 HTTP requests in this frame

Frame: https://refbanners.com/I?tag=d_28207m_28619c_&site=28207&ad=28619
Frame ID: A68D069FE7D6F9070BBF1DC429080E4D
Requests: 4 HTTP requests in this frame

Frame: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
Frame ID: FABC25DD804A0AF59FA231C712ACD660
Requests: 4 HTTP requests in this frame

Frame: https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Frame ID: ADEE8AF8B217708EAB7F713E32B67270
Requests: 10 HTTP requests in this frame

Frame: http://ww82.retaraka.ru/
Frame ID: F4D69CBCCF6E83A38E2C6297EABB3DEA
Requests: 17 HTTP requests in this frame

Frame: https://wloddsring.adsrv.eacdn.com/I.ashx?btag=a_605b_178c_&affid=8315222&siteid=605&adid=178&c=
Frame ID: E934A215F44FA76B8C37CADD85349427
Requests: 1 HTTP request in this frame

Frame: https://wlpartnersonly.adsrv.eacdn.com/I.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=
Frame ID: C65BF240375610F823947316A2DC2C1E
Requests: 4 HTTP requests in this frame

Frame: https://ufpcdn.com/script/get.html
Frame ID: 6034928B81A4C70B820DBCF8B2546968
Requests: 1 HTTP request in this frame

Frame: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.rGH0urbi00C6.html?cb=637076018826615287&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Frame ID: 320FC63D2F8BB92D4ED7E63C6968CB1D
Requests: 2 HTTP requests in this frame

Frame: blob://https://ads.leovegas.com/455cb61b-5ec3-42cf-ae1b-18d07010b350
Frame ID: E8D7F358FD4653EB1BC4E6C50F7DEF8E
Requests: 1 HTTP request in this frame

Frame: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Frame ID: BDE99F7D444DD9F8C42F58D52F192355
Requests: 5 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2Fe32f101f-764b-4469-9da2-f9a3e7a94908.png&w=348&h=178&q=85&f=webp&rt=contain
Frame ID: BA2D268F29CC681023A52788B2ADE580
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww82.retaraka.ru%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3&nocache=311685778319981&num=0&output=afd_ads&domain_name=ww82.retaraka.ru&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1685778319982&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=300&ish=100&psw=284&psh=76&frm=2&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww82.retaraka.ru%2F&adbw=master-1%3A284
Frame ID: 26DD5365291B9EE994B880E2A5537C47
Requests: 4 HTTP requests in this frame

Page Title

Apostas Live .com – Apostas esportivas online Live.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 79
HTTPS: 71 %
IPv6: 38 %
Domains: 23
Subdomains: 29
IPs: 25
Countries: 8
Transfer: 797 kB
Size: 1576 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749 HTTP 301
  • https://betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749 HTTP 302
  • https://www.betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749
Request Chain 16
  • https://mediaserver.gvcaffiliates.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y HTTP 301
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y

79 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
apostaslive.bitcoincasinousa.com/
32 KB
8 KB
Document
General
Full URL
http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
53bd78ec0d8a4620b53459f433b6213c5ff1105146f8047afacc5765d2fe1811

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 03 Jun 2023 07:45:17 GMT
link
<https://apostaslive.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
transfer-encoding
chunked
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.min.css
apostaslive.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
http://apostaslive.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 22:40:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
11658
expires
Sat, 10 Jun 2023 07:45:17 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Yanone+Kaffeesatz%3A200%2C300%2C400%2C700&ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b02c15e9a9d2d7c3f23814d2f78b53940b200d9ef2445760716651ed1a78f544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 07:45:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sat, 03 Jun 2023 07:45:17 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sat, 03 Jun 2023 07:45:17 GMT
athemes-glyphs.css
apostaslive.com/wp-content/themes/hiero/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://apostaslive.com/wp-content/themes/hiero/css/athemes-glyphs.css?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
bbb308b822dc108d1d72667a76cc1300c61d62b2a6aa76814d160afc5c24e167

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 17:23:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1012
expires
Sat, 10 Jun 2023 07:45:17 GMT
bootstrap.min.css
apostaslive.com/wp-content/themes/hiero/css/
104 KB
17 KB
Stylesheet
General
Full URL
http://apostaslive.com/wp-content/themes/hiero/css/bootstrap.min.css?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 17:23:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
17083
expires
Sat, 10 Jun 2023 07:45:17 GMT
style.css
apostaslive.com/wp-content/themes/hiero/
22 KB
5 KB
Stylesheet
General
Full URL
http://apostaslive.com/wp-content/themes/hiero/style.css?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
d9e670c2fd5aaf09df614d38ecbcacc53869788d00cd4a8212e14c380e6b7d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 17:23:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
4766
expires
Sat, 10 Jun 2023 07:45:17 GMT
jquery.min.js
apostaslive.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
http://apostaslive.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 02:37:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
30969
expires
Sat, 10 Jun 2023 07:45:17 GMT
jquery-migrate.min.js
apostaslive.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
http://apostaslive.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Wed, 18 Nov 2020 20:36:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
4168
expires
Sat, 10 Jun 2023 07:45:17 GMT
bootstrap.min.js
apostaslive.com/wp-content/themes/hiero/js/
28 KB
8 KB
Script
General
Full URL
http://apostaslive.com/wp-content/themes/hiero/js/bootstrap.min.js?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 17:23:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
7575
expires
Sat, 10 Jun 2023 07:45:17 GMT
superfish.js
apostaslive.com/wp-content/themes/hiero/js/
4 KB
2 KB
Script
General
Full URL
http://apostaslive.com/wp-content/themes/hiero/js/superfish.js?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
c6c0530410b587e023f52ad084f5102f6a3d1e3dc20d0ab9cfc350d1ad1efdb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 17:23:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1934
expires
Sat, 10 Jun 2023 07:45:17 GMT
supersubs.js
apostaslive.com/wp-content/themes/hiero/js/
1 KB
1 KB
Script
General
Full URL
http://apostaslive.com/wp-content/themes/hiero/js/supersubs.js?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
9f3a8ca6c59bb47419f2d5561d604bdd2d62e7769bb0fa7bbc8117a30e62ed09

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 17:23:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
765
expires
Sat, 10 Jun 2023 07:45:17 GMT
settings.js
apostaslive.com/wp-content/themes/hiero/js/
458 B
686 B
Script
General
Full URL
http://apostaslive.com/wp-content/themes/hiero/js/settings.js?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
7586b9e64f3df13c21479b161e873a7b174a86be0dc6d7d4c4972672e5589e96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 17:23:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
302
expires
Sat, 10 Jun 2023 07:45:17 GMT
96b64b459f6bc6ce.gif
www.betwaypartners.com/affiliate_media/
Redirect Chain
  • http://betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749
  • https://betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749
  • https://www.betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749
13 KB
13 KB
Image
General
Full URL
https://www.betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Server
104.18.18.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b1a91e9925c3152f369793126eb3a020955c181dbf7d65f191ecda2f914774
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
strict-transport-security
max-age=7776000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
20456
cf-polished
origFmt=gif, origSize=16118
content-disposition
inline; filename="96b64b459f6bc6ce.webp"
content-length
13420
request-context
appId=cid-v1:90789067-4c49-410a-9681-34f59d34c59a
last-modified
Sat, 03 Jun 2023 02:04:22 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=65944
accept-ranges
bytes
cf-ray
7d1650d86a5a3654-FRA
expires
Sun, 04 Jun 2023 02:04:22 GMT

Redirect headers

location
https://www.betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749
date
Sat, 03 Jun 2023 07:45:18 GMT
strict-transport-security
max-age=7776000; includeSubDomains
server
cloudflare
cf-ray
7d1650d7f9ba3654-FRA
content-length
0
vary
Accept-Encoding
jogoresponsavel.jpg
www.apostas.mobi/wp-content/uploads/2020/03/
8 KB
8 KB
Image
General
Full URL
https://www.apostas.mobi/wp-content/uploads/2020/03/jogoresponsavel.jpg
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.102.57.54 Amsterdam, Netherlands, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sh-europe100.banahosting.com
Software
/
Resource Hash
b3200581983512a4c9c7f9c53e2330a35c28edeebd51fd8a70d8510102ed6996

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
last-modified
Sun, 15 Mar 2020 15:19:51 GMT
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8396
expires
Sat, 10 Jun 2023 07:45:18 GMT
wp-emoji-release.min.js
apostaslive.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
http://apostaslive.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.5
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Server
198.58.116.74 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
txpro14.fcomet.com
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:17 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 16:26:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
5021
expires
Sat, 10 Jun 2023 07:45:17 GMT
I
refbanners.com/ Frame A68D
625 B
609 B
Document
General
Full URL
https://refbanners.com/I?tag=d_28207m_28619c_&site=28207&ad=28619
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
9f4b756f015be8057f91cf3b5eba1be5e8704da9f6d1fc2c7cda0d11bb03bdbe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://apostaslive.bitcoincasinousa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
410
content-type
text/html; charset=utf-8
date
Sat, 03 Jun 2023 07:45:18 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.0
3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
fonts.gstatic.com/s/yanonekaffeesatz/v24/
25 KB
26 KB
Font
General
Full URL
http://fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Yanone+Kaffeesatz%3A200%2C300%2C400%2C700&ver=6.0.5
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c57101bb57275c8c8cafc5d6216131a378c4388a52656ed3770068cd0ab10b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://apostaslive.bitcoincasinousa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:01:22 GMT
X-Content-Type-Options
nosniff
Age
283435
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
25540
X-XSS-Protection
0
Last-Modified
Tue, 23 Aug 2022 18:11:50 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 30 May 2024 01:01:22 GMT
renderBanner.do
mediaserver.entainpartners.com/ Frame FABC
Redirect Chain
  • https://mediaserver.gvcaffiliates.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
329 B
740 B
Document
General
Full URL
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f316edba5d088adfa0f0e901daa68a75cd22a9f8c16ae1260518d9b4fab319aa

Request headers

Referer
http://apostaslive.bitcoincasinousa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7d1650d8be762bc3-FRA
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Sat, 03 Jun 2023 07:45:18 GMT
server
cloudflare
vary
Accept-Encoding
x-ua-compatible
IE=EmulateIE7

Redirect headers

Connection
Keep-Alive
Content-Length
313
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Jun 2023 07:45:18 GMT
Keep-Alive
timeout=5, max=100
Location
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
Server
Apache
ad.aspx
ads.leovegas.com/ Frame ADEE
263 B
893 B
Document
General
Full URL
https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2184040d479d84587f5fee0684936810117f97981b7208f20d2686f3df02f26f

Request headers

Referer
http://apostaslive.bitcoincasinousa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Request-Context
cache-control
private,no-cache, no-store
content-length
263
content-type
text/html; charset=utf-8
date
Sat, 03 Jun 2023 07:45:18 GMT
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version
4.0.30319
x-azure-ref
20230603T074518Z-r1d6wqpryt7sx20ac1ggg226p000000000z0000000008pcz
x-cache
CONFIG_NOCACHE
x-powered-by
ASP.NET
I
refpasrasw.world/ Frame F4D6
737 B
650 B
Document
General
Full URL
https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.132 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
78139a222ffa67be2661292396fefa8f5001f5b9f67e3e5969229c96a741c898
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://apostaslive.bitcoincasinousa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
451
content-type
text/html; charset=utf-8
date
Sat, 03 Jun 2023 07:45:18 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.0
I.ashx
wloddsring.adsrv.eacdn.com/ Frame E934
0
0

I.ashx
wlpartnersonly.adsrv.eacdn.com/ Frame C65B
1 KB
1 KB
Document
General
Full URL
https://wlpartnersonly.adsrv.eacdn.com/I.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
228fca9b43da30757480eec3fb2850954977d258616efc22b2d21003556e3e2f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://apostaslive.bitcoincasinousa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
687
Content-Type
text/html; charset=utf-8
Date
Sat, 03 Jun 2023 07:45:17 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
netbetbrazil.gif
www.apostas.mobi/wp-content/uploads/2020/03/
20 KB
20 KB
Image
General
Full URL
https://www.apostas.mobi/wp-content/uploads/2020/03/netbetbrazil.gif
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.102.57.54 Amsterdam, Netherlands, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sh-europe100.banahosting.com
Software
/
Resource Hash
70cb866e223d85d2d1e8e40c4c8a974d31ba828166f63649c9d7445e42f461ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 03 Jun 2023 07:45:18 GMT
cache-control
public, max-age=604800
last-modified
Sun, 15 Mar 2020 15:06:33 GMT
accept-ranges
bytes
content-length
20609
expires
Sat, 10 Jun 2023 07:45:18 GMT
728x90_v3rivalo.gif
www.apostas.mobi/wp-content/uploads/2016/11/
73 KB
73 KB
Image
General
Full URL
https://www.apostas.mobi/wp-content/uploads/2016/11/728x90_v3rivalo.gif
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.102.57.54 Amsterdam, Netherlands, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sh-europe100.banahosting.com
Software
/
Resource Hash
2030670e741bd3c703b83ff53fd2193e3dd69db63bc4344d1d0eb3082740858c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://apostaslive.bitcoincasinousa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 03 Jun 2023 07:45:18 GMT
cache-control
public, max-age=604800
last-modified
Wed, 30 May 2018 15:29:03 GMT
accept-ranges
bytes
content-length
74865
expires
Sat, 10 Jun 2023 07:45:18 GMT
343b5d14-b5b5-4fd9-b7b6-637a6a69cd4e.jpg
refpasrasw.world/img/AdAgent_15/ Frame F4D6
34 KB
35 KB
Image
General
Full URL
https://refpasrasw.world/img/AdAgent_15/343b5d14-b5b5-4fd9-b7b6-637a6a69cd4e.jpg
Requested by
Host: refpasrasw.world
URL: https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.132 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
a2a6a2711d9987f87740d95ed09ecd902065e20250001b577b2c1930a618be1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 29 May 2020 09:25:38 GMT
server
nginx
etag
"095311d9b35d61:0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
35275
checker.js
refpasrasw.world/checker/ Frame F4D6
6 KB
2 KB
Script
General
Full URL
https://refpasrasw.world/checker/checker.js
Requested by
Host: refpasrasw.world
URL: https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.132 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 10 May 2022 06:49:25 GMT
server
nginx
etag
W/"627a0af5-1843"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
expires
Sat, 03 Jun 2023 08:45:18 GMT
analytics.js
refpasrasw.world/Script/ Frame F4D6
177 B
416 B
Script
General
Full URL
https://refpasrasw.world/Script/analytics.js
Requested by
Host: refpasrasw.world
URL: https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.132 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
ecbd308a0759262635980298fe3491ae93666dc2e8af420496c8e6ab77e1231f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 13 Apr 2023 07:09:40 GMT
server
nginx
etag
"052f9e9d66dd91:0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
177
s.5.6.min.js
wlpartnersonly.eacdn.com/TrafficOpt/ Frame C65B
7 KB
3 KB
Script
General
Full URL
https://wlpartnersonly.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by
Host: wlpartnersonly.adsrv.eacdn.com
URL: https://wlpartnersonly.adsrv.eacdn.com/I.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wlpartnersonly.adsrv.eacdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2016 16:08:31 GMT
etag
W/"56fbf9ff-1a7b"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
20230603T074518Z-bnk87nwvn94xmd0qtun1x7dew800000002qg00000000pt8p
cache-control
max-age=0, no-cache
Ad_10984.js
wlpartnersonly.eacdn.com/wlpartnersonly/affimages/js/ Frame C65B
688 B
922 B
Script
General
Full URL
https://wlpartnersonly.eacdn.com/wlpartnersonly/affimages/js/Ad_10984.js?t=2023060307
Requested by
Host: wlpartnersonly.adsrv.eacdn.com
URL: https://wlpartnersonly.adsrv.eacdn.com/I.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
692202887eb4ccda9683e3b1742871b576c715ce61679f8edeaef86f7b08a56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wlpartnersonly.adsrv.eacdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
last-modified
Wed, 01 Mar 2023 20:53:56 GMT
etag
"63ffbb64-2b0"
x-azure-ref
20230603T074518Z-bnk87nwvn94xmd0qtun1x7dew800000002qg00000000pt8q
x-cache
TCP_HIT
content-type
application/javascript
cache-control
max-age=0, no-cache
accept-ranges
bytes
content-length
688
4867ac6e-4e7c-43c5-816f-1df23af22e16.gif
affpa.top/img/AdAgent_1/ Frame A68D
113 KB
113 KB
Image
General
Full URL
https://affpa.top/img/AdAgent_1/4867ac6e-4e7c-43c5-816f-1df23af22e16.gif
Requested by
Host: refbanners.com
URL: https://refbanners.com/I?tag=d_28207m_28619c_&site=28207&ad=28619
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.205.153 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
a90af1111b43fbf301d80143e5e2cfe2a1a79ec54ad8a200bbed010d6a4044ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refbanners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Mon, 10 Feb 2020 10:54:40 GMT
server
nginx
etag
"0583f7e0e0d51:0"
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
115613
checker.js
refbanners.com/checker/ Frame A68D
6 KB
2 KB
Script
General
Full URL
https://refbanners.com/checker/checker.js
Requested by
Host: refbanners.com
URL: https://refbanners.com/I?tag=d_28207m_28619c_&site=28207&ad=28619
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refbanners.com/I?tag=d_28207m_28619c_&site=28207&ad=28619
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 10 May 2022 06:49:25 GMT
server
nginx
etag
W/"627a0af5-1843"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
expires
Sat, 03 Jun 2023 08:45:18 GMT
62a8df1c7f785aa8b1157bb1
c.bannerflow.net/a/ Frame ADEE
71 KB
24 KB
Script
General
Full URL
https://c.bannerflow.net/a/62a8df1c7f785aa8b1157bb1?did=5d418e55d70bd60001d0f6a1&redirecturl=http%3A%2F%2Fntrfr.leovegas.com%2Fredirect.aspx%3Fbid%3D15928%26pid%3D3650092%26redirectUrl%3D
Requested by
Host: ads.leovegas.com
URL: https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f765b84754695710d819b09181cb9743288d3aad0c5cb81ca0ad818ba18191f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 02 Jun 2023 13:15:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
7d1650d8bbf69b83-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
/
refpasrasw.world/redirect/stat/run/ Frame F4D6
14 B
132 B
XHR
General
Full URL
https://refpasrasw.world/redirect/stat/run/
Requested by
Host: refpasrasw.world
URL: https://refpasrasw.world/checker/checker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.132 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
content-length
14
content-type
application/json
analytics.js
trk.22betpartners.com/ Frame F4D6
6 KB
3 KB
Script
General
Full URL
https://trk.22betpartners.com/analytics.js
Requested by
Host: refpasrasw.world
URL: https://refpasrasw.world/Script/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.201.147.169 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.147.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
177cd9f4ce7cd61fd3aa6d51ce7e618640fecd6a4b1df991853cbbecdc213243

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refpasrasw.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 07:45:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 12:21:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5c1b8938-16a7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
4c897dc2-46d5-4999-bf52-7971c2c93fa4.gif
wlpartnersonly.eacdn.com/wlpartnersonly/affimages/ Frame C65B
12 KB
12 KB
Image
General
Full URL
https://wlpartnersonly.eacdn.com/wlpartnersonly/affimages/4c897dc2-46d5-4999-bf52-7971c2c93fa4.gif
Requested by
Host: wlpartnersonly.adsrv.eacdn.com
URL: https://wlpartnersonly.adsrv.eacdn.com/I.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b1e1c1975680cede3dcdbf7b667e98e29232826d7c5a71f6306a4a30bb92662d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wlpartnersonly.adsrv.eacdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
last-modified
Wed, 01 Mar 2023 20:49:48 GMT
etag
"63ffba6c-2fe2"
x-azure-ref
20230603T074518Z-bnk87nwvn94xmd0qtun1x7dew800000002qg00000000pt96
x-cache
TCP_HIT
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
12258
preload.jpg
c.bannerflow.net/accounts/leovegas/55634380f50b9613805936af/published/2503433/6263741/ Frame ADEE
10 KB
11 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/leovegas/55634380f50b9613805936af/published/2503433/6263741/preload.jpg
Requested by
Host: ads.leovegas.com
URL: https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e395d1fa493ada5a3165234c2d11c0166727af349c71953c9d046201927e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:18 GMT
cf-cache-status
HIT
age
66596
content-length
10538
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 19 May 2023 09:27:34 GMT
server
cloudflare
etag
"0x8DB584B4749BF5C"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8204cef6-701e-000a-4754-954991000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
7d1650d91c5f9b83-FRA
retarget.min.js
retaraka.ru/ Frame F4D6
44 B
112 B
Script
General
Full URL
https://retaraka.ru/retarget.min.js
Requested by
Host: trk.22betpartners.com
URL: https://trk.22betpartners.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.8.8.100 Prague, Czech Republic, ASN60592 (GRANSY Gransy s.r.o. gransy.com, CZ),
Reverse DNS
Software
/
Resource Hash
deab07af91aa3e2969b811f091b15c0909788ba3ee59f1354bd6a2b5dc8a4e38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refpasrasw.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
content-length
44
content-type
application/javascript
get.html
ufpcdn.com/script/ Frame 6034
2 KB
1 KB
Document
General
Full URL
https://ufpcdn.com/script/get.html
Requested by
Host: trk.22betpartners.com
URL: https://trk.22betpartners.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a698f19828bebe8f29cbdd35621fdf8af7b54ee5418f8b531fefddb7184ccf

Request headers

Referer
https://refpasrasw.world/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d1650d958cbbba7-FRA
content-encoding
br
content-type
text/html
date
Sat, 03 Jun 2023 07:45:18 GMT
last-modified
Tue, 15 May 2018 06:39:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5sU%2F9Hy5adjsPf7NG9FopxJfXxP3Wz%2FMLsaEX1WEfnwYhFsklS90Wd82WGcurRg%2FlHoTnapdS81WBuNS1Wwke9dBnl%2BOW%2FTg09His76ST7LrCIG3VDZVUU6uuJR0NG149O2Df0ApCJ9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
img.gif
my.rtmark.net/ Frame F4D6
43 B
492 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=79feac9f07b0b230068004b917c7a413280f014cdd6924738961274f3a56077c&ttl=&rurl=http://apostaslive.bitcoincasinousa.com/
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refpasrasw.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
retargeting.php
trafforsrv.com/ Frame F4D6
35 B
505 B
Image
General
Full URL
https://trafforsrv.com/retargeting.php?id=1021
Requested by
Host: apostaslive.bitcoincasinousa.com
URL: http://apostaslive.bitcoincasinousa.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.18.168.28 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
nginx /
Resource Hash
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refpasrasw.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Jun 2023 07:45:18 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
35
expires
0
/
c.bannerflow.net/tr/v2/pixel/ Frame ADEE
0
81 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62a8df1c7f785aa8b1157bb1?did=5d418e55d70bd60001d0f6a1&redirecturl=http%3A%2F%2Fntrfr.leovegas.com%2Fredirect.aspx%3Fbid%3D15928%26pid%3D3650092%26redirectUrl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.leovegas.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d1650d93c819b83-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
5dc30a1c509e6d169063b06c
cdn.bannerflow.com/bf-placements/ Frame FABC
5 KB
2 KB
Script
General
Full URL
https://cdn.bannerflow.com/bf-placements/5dc30a1c509e6d169063b06c?targetwindow=_blank&&clickservice=https%3A%2F%2Fmediaserver.entainpartners.com%2FtrackAffiliateClick.do%3FzoneId%3D1908321%26trackerId%3D4905519&wm=4905519&zoneid=1908321
Requested by
Host: mediaserver.entainpartners.com
URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a702f8eff035674b33bdb4128ebc271e050dce7463bf70cb9e42dffc677c5513

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
Lzmt+rkun/5kjTQYD1870w==
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 06 Nov 2019 17:59:56 GMT
server
cloudflare
etag
W/"0x8D762E321EDA659"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b520b203-401e-0010-1376-94d76a000000
cache-control
public,max-age=900
x-ms-version
2014-02-14
cf-ray
7d1650d9befe9162-FRA
/
refbanners.com/redirect/stat/run/ Frame A68D
67 B
230 B
XHR
General
Full URL
https://refbanners.com/redirect/stat/run/
Requested by
Host: refbanners.com
URL: https://refbanners.com/checker/checker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),
Reverse DNS
Software
nginx /
Resource Hash
7ec8517d039158f8f629b16bb98455220496ba9ba711ea8e0ecb9d78f3e96ce4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://refbanners.com/I?tag=d_28207m_28619c_&site=28207&ad=28619
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
render.min.js
cdn.bannerflow.com/scripts/1.5.8/ Frame FABC
27 KB
10 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/5dc30a1c509e6d169063b06c?targetwindow=_blank&&clickservice=https%3A%2F%2Fmediaserver.entainpartners.com%2FtrackAffiliateClick.do%3FzoneId%3D1908321%26trackerId%3D4905519&wm=4905519&zoneid=1908321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17e2e405e202306a1593ccb35d514da7af18f411e9d7a31e0556e16bc4f43df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:18 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
b6UAGszaXaX21rwCOKLyNg==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 09 Oct 2019 06:50:49 GMT
server
cloudflare
etag
W/"0x8D74C8504DB248F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8d3934f2-901e-0013-625a-8b360e000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
7d1650da8fdf9162-FRA
59561c98bd8d3e173850c939.rGH0urbi00C6.html
cdn.bannerflow.com/bf-banners/ Frame 320F
7 KB
3 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.rGH0urbi00C6.html?cb=637076018826615287&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbd42e8b062056f9aaa9fd6ff1c2d0b83462e1abbf1ff558dd1dfa1dbdd6eb2

Request headers

Referer
https://mediaserver.entainpartners.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=900
cf-cache-status
REVALIDATED
cf-ray
7d1650db58bd9162-FRA
content-encoding
br
content-md5
GW8FYnP+ZCDOCZZVBLhpdQ==
content-type
text/html
date
Sat, 03 Jun 2023 07:45:18 GMT
last-modified
Tue, 01 Sep 2020 22:03:04 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
33650fc9-b01e-0076-8076-94984a000000
x-ms-version
2014-02-14
pixel
575e53c686585416146c4c3c.tracker.bannerflow.com/api/tr/v1/ Frame FABC
32 B
481 B
XHR
General
Full URL
https://575e53c686585416146c4c3c.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0000%22%2C%22r%22%3A%22http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F%22%2C%22s%22%3A%221685778318608_35394%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.5.8%22%2C%22a%22%3A%22pgsm%22%2C%22br%22%3A%22575e53c686585416146c4c3c%22%2C%22c%22%3A%2258d91bcf9db2143fe8a27676%22%2C%22ad%22%3A%2259561c98bd8d3e173850c93a%22%2C%22p%22%3A%225dc30a1c509e6d169063b06c%22%2C%22b%22%3A%2259561c98bd8d3e173850c939%22%2C%22pl%22%3A1%2C%22r%22%3A0%2C%22an%22%3A1%2C%22s%22%3A%22575e53c686585416146c4c40%22%2C%22t%22%3A%2259561c96bd8d3e173850c911%22%2C%22l%22%3A%2258da145b9db213171c1507f0%22%2C%22bf%22%3A%2258d91bdc9db2143fe8a2769e%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1685778318608%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://mediaserver.entainpartners.com
date
Sat, 03 Jun 2023 07:45:18 GMT
cache-control
no-store, must-revalidate, no-cache
access-control-allow-credentials
true
content-type
image/gif
server
Kestrel
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
59561c98bd8d3e173850c939.rGH0urbi00C6.gif
cdn.bannerflow.com/bf-images/ Frame 320F
15 KB
16 KB
Image
General
Full URL
https://cdn.bannerflow.com/bf-images/59561c98bd8d3e173850c939.rGH0urbi00C6.gif?cb=637076018825725554
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.rGH0urbi00C6.html?cb=637076018826615287&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f439b921e94f6a3173aca8df7e263ebf0de224cc833d06d755360801c748017

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.rGH0urbi00C6.html?cb=637076018826615287&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:18 GMT
cf-cache-status
REVALIDATED
content-md5
iCkxiEeyy78SBCsIn8AmfQ==
cf-polished
origFmt=gif, origSize=36009
content-disposition
inline; filename="59561c98bd8d3e173850c939.webp"
content-length
15856
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 25 Oct 2019 12:04:45 GMT
server
cloudflare
etag
"0x8D7594386BCE169"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
8bbb6e52-a01e-0008-0776-94080d000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d1650dba9089162-FRA
/
ww82.retaraka.ru/ Frame F4D6
855 B
1 KB
Document
General
Full URL
http://ww82.retaraka.ru/
Requested by
Host: retaraka.ru
URL: https://retaraka.ru/retarget.min.js
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
439b911267756bddee7e3997d7af8bf6083d2780a2c904756406cd96f10f7eac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
sec-ch-prefers-color-scheme
Cache-Control
no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Critical-CH
sec-ch-prefers-color-scheme
Date
Sat, 03 Jun 2023 07:45:19 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
Vary
sec-ch-prefers-color-scheme
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_faesnDwIeRluhJjLpNqaQrMyF2s/JQtAVHsScTKueRWdKIwcMhQ1zc0mG8MS4n8zk0YZxPIx44mqbf9PCPQNbQ==
document.000000011EE230.js
c.bannerflow.net/accounts/leovegas/55634380f50b9613805936af/published/2503433/6263741/ Frame ADEE
24 KB
5 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/leovegas/55634380f50b9613805936af/published/2503433/6263741/document.000000011EE230.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62a8df1c7f785aa8b1157bb1?did=5d418e55d70bd60001d0f6a1&redirecturl=http%3A%2F%2Fntrfr.leovegas.com%2Fredirect.aspx%3Fbid%3D15928%26pid%3D3650092%26redirectUrl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb34961a26bfdc7f4173352abf8b98494cb122ff60aee77670a2a2813556d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:19 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
CA6FrgMZEfmZZ+IujzBoCg==
age
66595
cf-polished
origSize=27387
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 19 May 2023 09:27:36 GMT
server
cloudflare
etag
W/"0x8DB584B4838C60D"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
df488d03-d01e-0071-1f54-950b0d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7d1650df5bda9b83-FRA
animated-creative.322e55c9365620f3a62c.js
c.bannerflow.net/scripts/ Frame ADEE
156 KB
53 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/62a8df1c7f785aa8b1157bb1?did=5d418e55d70bd60001d0f6a1&redirecturl=http%3A%2F%2Fntrfr.leovegas.com%2Fredirect.aspx%3Fbid%3D15928%26pid%3D3650092%26redirectUrl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ce92887c108586bf63058a06f051e957f58936396e829d5fddeb59dbab0e59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:19 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
juPt1GbRx23XCKIRo1MiKA==
age
1983942
cf-polished
origSize=159689
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 11 May 2023 08:35:06 GMT
server
cloudflare
etag
W/"0x8DB51FA9F714A4E"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
519b5b89-b01e-0083-3ae4-83f344000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
7d1650df5bdc9b83-FRA
truncated
/ Frame ADEE
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/webp
455cb61b-5ec3-42cf-ae1b-18d07010b350
https://ads.leovegas.com/ Frame E8D7
668 B
0
Script
General
Full URL
blob:https://ads.leovegas.com/455cb61b-5ec3-42cf-ae1b-18d07010b350
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame ADEE
9 KB
10 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55634292f50b9632e4f4c59a%2F55634380f50b9613805936af%2F49a4adf7-65d5-4c2f-86e2-dccacf806df3.woff&t=%0A%20%21%24015ACGRadeimoprstu%C3%A1%C3%B3
Requested by
Host: ads.leovegas.com
URL: https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
325a5e1ebfacacb24923c3fc57381ed286d3167dfcd6f3b26e0a0f283ce5b9e8

Request headers

Referer
https://ads.leovegas.com/
Origin
https://ads.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jun 2023 07:45:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=49a4adf7-65d5-4c2f-86e2-dccacf806df3-subset.woff
cf-ray
7d1650e09f5e30c4-FRA
expires
Sun, 02 Jun 2024 07:45:19 GMT
parking.2.105.5.js
ww82.retaraka.ru/js/ Frame F4D6
66 KB
22 KB
Script
General
Full URL
http://ww82.retaraka.ru/js/parking.2.105.5.js
Requested by
Host: ww82.retaraka.ru
URL: http://ww82.retaraka.ru/
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
4c0831bbff079ac28d7851a6e15469845cb70f8f7de0005adcac65c5922205e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww82.retaraka.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Jun 2023 07:45:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 16:51:23 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
59561c98bd8d3e173850c939.html
cdn.bannerflow.com/bf-banners/ Frame BDE9
31 KB
5 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c63172eb629de490d928f81262ef1e4041cf768b509c17e44c0d5094b255db0

Request headers

Referer
https://mediaserver.entainpartners.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public,max-age=900
cf-cache-status
MISS
cf-ray
7d1650e238c29162-FRA
content-encoding
br
content-md5
O1K9dKmm5E7NAwizAqxXNQ==
content-type
text/html
date
Sat, 03 Jun 2023 07:45:19 GMT
last-modified
Fri, 25 Oct 2019 12:04:40 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
7a1efba6-f01e-0058-03ef-95ca5d000000
x-ms-version
2014-02-14
font
c.bannerflow.net/fs/api/v2/ Frame ADEE
4 KB
4 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55634292f50b9632e4f4c59a%2F55634380f50b9613805936af%2F3d4ecfd6-201f-4b0a-845b-a411efb7ecf5.woff&t=AOPRST
Requested by
Host: ads.leovegas.com
URL: https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0380953980ff3b1c4316483e41ab5e298f1b8a593b5201fc180f18802f77c7

Request headers

Referer
https://ads.leovegas.com/
Origin
https://ads.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Wed, 31 May 2023 18:02:44 GMT
server
cloudflare
age
222155
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=3d4ecfd6-201f-4b0a-845b-a411efb7ecf5-subset.woff
cf-ray
7d1650e2396a30c4-FRA
expires
Thu, 30 May 2024 18:02:44 GMT
font
c.bannerflow.net/fs/api/v2/ Frame ADEE
9 KB
9 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F55634292f50b9632e4f4c59a%2F55634380f50b9613805936af%2Fe22eb3d9-4dfe-453b-851a-5b38f066829d.woff&t=%20%26%2C.CPSTacdefgijlmnoprstuv%C3%A1
Requested by
Host: ads.leovegas.com
URL: https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68f188a6727640c7e64b31f29e08c65cfc60240d8c7574129c9cf0ccbb4991e

Request headers

Referer
https://ads.leovegas.com/
Origin
https://ads.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Jun 2023 13:22:15 GMT
server
cloudflare
age
152584
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e22eb3d9-4dfe-453b-851a-5b38f066829d-subset.woff
cf-ray
7d1650e2598330c4-FRA
expires
Fri, 31 May 2024 13:22:15 GMT
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
17 KB
17 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2Fe32f101f-764b-4469-9da2-f9a3e7a94908.png&w=348&h=178&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f56d75166090eb324e439d7c529018b7e8212e40f4bb6db318c3e71e632c074

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e28f7a9b83-FRA
content-length
17292
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
10 KB
11 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2Fb994db2a-fe0a-4238-8dd5-d08ba973a9c3.png&w=388&h=314&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fe0dea345de0acd32426a6654d88ecce1d5b39014f327d2b286a48f5919585

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e28f7c9b83-FRA
content-length
10714
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
9 KB
9 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2F8765689c-62cc-4836-9eed-a719846da2b1.png&w=237&h=475&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd1f36bf25471c6fcded93343d62ddecfd58f5734680c614dc3a1841ed518dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e28f7e9b83-FRA
content-length
9356
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
8 KB
8 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2Fbd8219a4-2d36-4439-977f-33dec876ba75.png&w=187&h=374&q=60&f=webp&rt=cover&x1=156&y1=0&x2=1094&y2=1875
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05acd87e2d5632266033c06e4d8ab4aa17b7520215a9fc08e54b28f7bacdb49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e28f7f9b83-FRA
content-length
8540
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
10 KB
10 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2F5da0f73e-68da-4ed5-836a-18cf6acd3cb3.png&w=210&h=340&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115de82621541fbb6f2c7dbcb27d4609902f04c3a53f7949edc1257aeca36f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e28f829b83-FRA
content-length
9768
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
5 KB
5 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2F7f77a426-0156-41b3-83af-88ead1d80ec9.png&w=160&h=62&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e7fc38b56f3a8188e8bfbfefa298fd6934dec337552dd8b72f8d468e11de64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e29f989b83-FRA
content-length
4908
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
2 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2Fabecf43a-377b-493e-9eb0-df9d59e9fb9f.png&w=209&h=22&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3085c3045e80543cb143efdea02f29f6a514e0a285cc722fd931618dac071a1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:20 GMT
cf-cache-status
MISS
last-modified
Sat, 03 Jun 2023 07:45:20 GMT
api-supported-versions
2.0
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e29f9e9b83-FRA
content-length
2108
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
976 B
1 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2F06d499ea-7d47-4d38-8cbe-0c111b42f432.png&w=90&h=45&q=60&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2264a671020ab1ea7234f7e6aa75a57c9f8e5a52ac366cb62940754c250098e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e29fa09b83-FRA
content-length
976
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame BA2D
5 KB
5 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2Fb910e6ad-b8c0-44ab-972a-1d5c22d721f8.png&w=74&h=69&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a383ae4cb7a7e24fd1cf11171f6dd626e93dfab96741cae6f62c0ab90c4b1362

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:15:27 GMT
api-supported-versions
2.0
server
cloudflare
age
66592
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
7d1650e29fa19b83-FRA
content-length
5316
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
_fd
ww82.retaraka.ru/ Frame F4D6
4 KB
3 KB
Fetch
General
Full URL
http://ww82.retaraka.ru/_fd
Requested by
Host: ww82.retaraka.ru
URL: http://ww82.retaraka.ru/js/parking.2.105.5.js
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1a4af64cd895472b2d01ac6793dcd495148f6de7f4d0ca032d60e40e6c626121

Request headers

Accept
application/json
Referer
http://ww82.retaraka.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.105.5
Date
Sat, 03 Jun 2023 07:45:19 GMT
Content-Encoding
gzip
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/ Frame F4D6
145 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: ww82.retaraka.ru
URL: http://ww82.retaraka.ru/js/parking.2.105.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5472a121d9858b8889a3003195d55b8cbe142caa65c5a390da6adc1b84ab631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww82.retaraka.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"7507535832772147841"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 03 Jun 2023 07:45:19 GMT
px.gif
ww82.retaraka.ru/ Frame F4D6
42 B
421 B
Image
General
Full URL
http://ww82.retaraka.ru/px.gif?ch=1&rn=6.975146524670082
Requested by
Host: ww82.retaraka.ru
URL: http://ww82.retaraka.ru/
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww82.retaraka.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Jun 2023 07:45:19 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
px.gif
ww82.retaraka.ru/ Frame F4D6
42 B
421 B
Image
General
Full URL
http://ww82.retaraka.ru/px.gif?ch=2&rn=6.975146524670082
Requested by
Host: ww82.retaraka.ru
URL: http://ww82.retaraka.ru/
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww82.retaraka.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Jun 2023 07:45:19 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
bf.min.js
scripts.host.bannerflow.com/1.0.2/ Frame BDE9
26 KB
9 KB
Script
General
Full URL
https://scripts.host.bannerflow.com/1.0.2/bf.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c80efd7412a6230c07af29b429fd0cd28e308082852857098251d1f31a1307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
nX9ruCvqgybrqY5TvgMl6Q==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 18 Sep 2017 15:54:43 GMT
server
cloudflare
etag
W/"0x8D4FEAD93E36E72"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
05d248c2-801e-0052-7b6f-946eea000000
x-ms-version
2014-02-14
cf-ray
7d1650e3fe6b9b98-FRA
sbbr-serieb-728x90-599593c2-d550-4572-bd37-128d2856c45b-cx-8-cy-0-cw-702-ch-90-noopt.jpg
cdn.bannerflow.com/resources/cropping/ Frame BDE9
8 KB
8 KB
Image
General
Full URL
https://cdn.bannerflow.com/resources/cropping/sbbr-serieb-728x90-599593c2-d550-4572-bd37-128d2856c45b-cx-8-cy-0-cw-702-ch-90-noopt.jpg?v=636209368830000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf44019f8ed3629fc783cf4005868ec49df771d2dc01da048789a8528ad376d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:20 GMT
cf-cache-status
MISS
content-md5
hOpOo77c2CFPiw30LlzMTA==
content-length
8281
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 25 Jan 2017 10:45:39 GMT
server
cloudflare
etag
"0x8D4450F4DC63F03"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
88d884f4-f01e-0077-28ef-95c796000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d1650e3bab69162-FRA
logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.png
cdn.bannerflow.com/resources/ Frame BDE9
2 KB
2 KB
Image
General
Full URL
https://cdn.bannerflow.com/resources/logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.png?v=635779176870000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500509caa8fd77c93b16d435edcde886c5d42e27e2e87934246b5ebf4da0a8c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:19 GMT
cf-cache-status
REVALIDATED
content-md5
oDx1Wca6lv6fUHLulmtVlQ==
cf-polished
origFmt=png, origSize=2302
content-disposition
inline; filename="logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.webp"
content-length
2124
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 28 Jun 2017 08:52:21 GMT
server
cloudflare
etag
"0x8D4BE02FD617519"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
ef51e8bd-601e-0075-1e66-93792e000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d1650e3baba9162-FRA
FrutigerNeueLTW1G-Heavy-a50ebf27-c4ac-4e24-aa28-a52fcb431e22-3209679913567323106-subset.woff
cdn.bannerflow.com/resources/ Frame BDE9
4 KB
5 KB
Font
General
Full URL
https://cdn.bannerflow.com/resources/FrutigerNeueLTW1G-Heavy-a50ebf27-c4ac-4e24-aa28-a52fcb431e22-3209679913567323106-subset.woff
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b010806e27150d57cc02b5b112946598f444c935fe96a7f4d655aa5e8fd3728b

Request headers

Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Origin
https://cdn.bannerflow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 03 Jun 2023 07:45:20 GMT
cf-cache-status
MISS
content-md5
cSeX6JyjZvHLIRAoKuHi3w==
content-length
4560
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 25 Oct 2019 12:02:44 GMT
server
cloudflare
etag
"0x8D759433ECD1ED2"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
cddcc1be-901e-003c-45ef-953bc5000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d1650e3bab89162-FRA
ads
www.google.com/afs/ Frame 26DD
6 KB
3 KB
Document
General
Full URL
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww82.retaraka.ru%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3&nocache=311685778319981&num=0&output=afd_ads&domain_name=ww82.retaraka.ru&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1685778319982&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=300&ish=100&psw=284&psh=76&frm=2&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww82.retaraka.ru%2F&adbw=master-1%3A284
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
de4e6a88079cb8bf6928d78a3cc24e9bfb4015a7ccab6ebcb4f7ef3b31b78507
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-8wXGAVA5tv-Rqdmjq8aBNw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://ww82.retaraka.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2117
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-8wXGAVA5tv-Rqdmjq8aBNw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 03 Jun 2023 07:45:20 GMT
expires
Sat, 03 Jun 2023 07:45:20 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
caf.js
www.google.com/adsense/domains/ Frame 26DD
145 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww82.retaraka.ru%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3&nocache=311685778319981&num=0&output=afd_ads&domain_name=ww82.retaraka.ru&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1685778319982&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=300&ish=100&psw=284&psh=76&frm=2&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww82.retaraka.ru%2F&adbw=master-1%3A284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c5ceee749e15d845f1daa82c1a730840a277c1affa77d27185db823a462989f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"9824987163504129287"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 03 Jun 2023 07:45:20 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 26DD
200 B
289 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww82.retaraka.ru%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3&nocache=311685778319981&num=0&output=afd_ads&domain_name=ww82.retaraka.ru&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1685778319982&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=300&ish=100&psw=284&psh=76&frm=2&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww82.retaraka.ru%2F&adbw=master-1%3A284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Jun 2023 20:57:47 GMT
age
38853
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sat, 03 Jun 2023 19:57:47 GMT
call_to_action_arrow.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 26DD
444 B
804 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww82.retaraka.ru%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3&nocache=311685778319981&num=0&output=afd_ads&domain_name=ww82.retaraka.ru&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1685778319982&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=300&ish=100&psw=284&psh=76&frm=2&cl=536423577&uio=-&cont=rs&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fww82.retaraka.ru%2F&adbw=master-1%3A284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Jun 2023 04:29:12 GMT
age
11768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 14:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sun, 04 Jun 2023 03:29:12 GMT
_tr
ww82.retaraka.ru/ Frame F4D6
2 B
0
Fetch
General
Full URL
http://ww82.retaraka.ru/_tr
Requested by
Host: ww82.retaraka.ru
URL: http://ww82.retaraka.ru/js/parking.2.105.5.js
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
application/json
Referer
http://ww82.retaraka.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.105.5
Date
Sat, 03 Jun 2023 07:45:20 GMT
Content-Encoding
gzip
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
gen_204
afs.googlesyndication.com/afs/ Frame F4D6
0
1 KB
Image
General
Full URL
https://afs.googlesyndication.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=cflavtlwhrnd&aqid=kO96ZJv0AZqO3wOM1b7oCA&psid=3113057640&pbt=bs&adbx=0&adby=143&adbh=480&adbw=300&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=536423577&csala=4%7C0%7C98%7C28%7C41&lle=0&ifv=0&usr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-MKwxGYDhMaWGhqrFpTB0-Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww82.retaraka.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-MKwxGYDhMaWGhqrFpTB0-Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 03 Jun 2023 07:45:21 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wloddsring.adsrv.eacdn.com
URL
https://wloddsring.adsrv.eacdn.com/I.ashx?btag=a_605b_178c_&affid=8315222&siteid=605&adid=178&c=


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| _wpemojiSettings
undefined| $
function| jQuery
object| $ULs
object| twemoji
object| wp

6 Cookies

Domain/Path Name / Value
.betwaypartners.com/ Name: __cf_bm
Value: 67j_aY1KoTNdNzxvsMnhHPDdvNzRDl3g8kIjUF76VHo-1685778318-0-AXDj3weQh4PwfyKGJE7pgEOFPTimEDc/tF6UFo7wWbexFBnkPs70KARunkWBcFzuO+F8KaTh2+oD7ebGBLGdAPc=
.leovegas.com/ Name: NetRefer_CookieUniTrack_V
Value: %5b%7b%22PID%22%3a3650092%2c%22BID%22%3a15928%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1685778318121)%5c%2f%22%2c%22CookieTag%22%3a%22159283650092403101C202363745%22%7d%5d
trafforsrv.com/ Name: sppc_uuid
Value: e9c53959-10a6-4f75-93aa-7179df219dd7
.entainpartners.com/ Name: __cf_bm
Value: KiANAAZk3eoeZEBzhb2udOqBDlIUM0zSy9BmRbzxHlc-1685778318-0-AbyTC1/cWi+hibgMnybaS0b/X0Dp0Qb4X0LF5NwW3Y47KN1mfxadu4SCp0ng3Ni6X96nbaRQ92DLmIlFxLK7nqI=
my.rtmark.net/ Name: ID
Value: e7b58e97555841efb7d0f4577eaae936
575e53c686585416146c4c3c.tracker.bannerflow.com/ Name: cc
Value: AVdeU8aGWFQWFGxMPF3DChxQnm0WkGOwbFlWHJi9jT4XOFDJOQCPuQAAAR5hcG9zdGFzbGl2ZS5iaXRjb2luY2FzaW5vdXNhLmM-

3 Console Messages

Source Level URL
Text
security error URL: https://wlpartnersonly.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Message:
Mixed Content: The page at 'https://wlpartnersonly.adsrv.eacdn.com/I.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=' was loaded over HTTPS, but requested an insecure frame 'http://wlpartnersonly.adsrv.eacdn.com/T.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=&t=638213751182330000&MediaID=13168&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://www.google.com/adsense/domains/caf.js(Line 217)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: http://ww82.retaraka.ru/js/parking.2.105.5.js
Message:
Unsafe attempt to initiate navigation for frame with URL 'http://apostaslive.bitcoincasinousa.com/' from frame with URL 'http://ww82.retaraka.ru/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
