www.lokicasino.com Open in urlscan Pro
104.18.1.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wvbtyfqt.4khdcamera.com/
Effective URL:
https://www.lokicasino.com/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
Submission: On December 03 via api (December 3rd 2020, 6:56:29 am UTC) from CA

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 27 HTTP transactions. The main IP is 104.18.1.230, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lokicasino.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2020. Valid for: a year.

This is the only time www.lokicasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.15.15.31 51.15.15.31	12876 (Online SAS) (Online SAS)
10 20	2606:4700:20:... 2606:4700:20::681a:a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6812:25f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::681b:ae72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3031::6812:3a22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:234... 2606:2800:234:4cc4:5670:35d5:1e00:b394	15133 (EDGECAST) (EDGECAST)
2	104.18.1.230 104.18.1.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
27	11

1 51.15.15.31 (Haarlem, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 51-15-15-31.rev.poneytelecom.eu

wvbtyfqt.4khdcamera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:a2c (United States) 10 redirects

ASN13335 (CLOUDFLARENET, US)

www.stockvault.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6812:25f7 (United States)

ASN13335 (CLOUDFLARENET, US)

dwmv.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::681b:ae72 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

atraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3031::6812:3a22 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lokicasino.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.1.230 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lokicasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	stockvault.net 10 redirects www.stockvault.net	283 KB
6	lokicasino.cc www.lokicasino.cc	5 KB
2	lokicasino.com www.lokicasino.com	100 KB
2	exoclick.com a.exoclick.com main.exoclick.com	1 KB
1	realsrv.com main.realsrv.com	418 B
1	exdynsrv.com main.exdynsrv.com	419 B
1	googletagmanager.com www.googletagmanager.com	32 KB
1	googleapis.com ajax.googleapis.com	29 KB
1	atraff.com 1 redirects atraff.com	777 B
1	dwmv.biz dwmv.biz	2 KB
1	4khdcamera.com wvbtyfqt.4khdcamera.com	103 KB
0	trafficjunky.net Failed ctrack.trafficjunky.net Failed
27	12

	Domain	Requested by
20	www.stockvault.net	10 redirects wvbtyfqt.4khdcamera.com
6	www.lokicasino.cc	dwmv.biz www.lokicasino.cc ajax.googleapis.com
2	www.lokicasino.com	www.lokicasino.cc
1	main.realsrv.com
1	main.exoclick.com
1	main.exdynsrv.com
1	a.exoclick.com	www.googletagmanager.com
1	www.googletagmanager.com	www.lokicasino.cc
1	ajax.googleapis.com	www.lokicasino.cc
1	atraff.com	1 redirects
1	dwmv.biz	wvbtyfqt.4khdcamera.com
1	wvbtyfqt.4khdcamera.com
0	ctrack.trafficjunky.net Failed
27	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-07` - `2021-08-01`	a year	crt.sh
exdynsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2020-08-03` - `2021-10-02`	a year	crt.sh
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.lokicasino.com/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
Frame ID: E6341035637CD3423C94ED48FE78315E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wvbtyfqt.4khdcamera.com/ Page URL
https://atraff.com/?serial=5522&creative_id=1&anid=30auk6v5fc88c0bce342 HTTP 302
https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342 Page URL
https://www.lokicasino.com/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

27
Requests

89 %
HTTPS

64 %
IPv6

12
Domains

13
Subdomains

11
IPs

3
Countries

548 kB
Transfer

832 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wvbtyfqt.4khdcamera.com/ Page URL
https://atraff.com/?serial=5522&creative_id=1&anid=30auk6v5fc88c0bce342 HTTP 302
https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342 Page URL
https://www.lokicasino.com/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.stockvault.net/data/2016/06/22/202798/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/22/202798/thumb16.jpg

Request Chain 2

http://www.stockvault.net/data/2016/06/23/202825/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/23/202825/thumb16.jpg

Request Chain 3

http://www.stockvault.net/data/2016/06/23/202831/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/23/202831/thumb16.jpg

Request Chain 4

http://www.stockvault.net/data/2016/06/23/202855/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/23/202855/thumb16.jpg

Request Chain 5

http://www.stockvault.net/data/2016/06/23/202836/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/23/202836/thumb16.jpg

Request Chain 6

http://www.stockvault.net/data/2016/06/22/202799/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/22/202799/thumb16.jpg

Request Chain 7

http://www.stockvault.net/data/2016/06/23/202848/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/23/202848/thumb16.jpg

Request Chain 9

http://www.stockvault.net/data/2016/06/23/202837/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/23/202837/thumb16.jpg

Request Chain 10

http://www.stockvault.net/data/2016/06/23/202839/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/23/202839/thumb16.jpg

Request Chain 11

http://www.stockvault.net/data/2016/06/22/202806/thumb16.jpg HTTP 301
https://www.stockvault.net/data/2016/06/22/202806/thumb16.jpg

Request Chain 12

https://atraff.com/?serial=5522&creative_id=1&anid=30auk6v5fc88c0bce342 HTTP 302
https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
wvbtyfqt.4khdcamera.com/ 103 KB
103 KB 190ms
56ms Document
text/html 51.15.15.31
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://wvbtyfqt.4khdcamera.com/
Protocol: HTTP/1.1
Server: 51.15.15.31 Haarlem, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-15-31.rev.poneytelecom.eu
Software: nginx / PHP/7.2.31
Resource Hash: ff24258ea90670f22a0e959ebf68bb6f68236b9c8fb10452952d0e51057cb614

Request headers

Host: wvbtyfqt.4khdcamera.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 06:56:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.31

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/22/202798/
Redirect Chain

http://www.stockvault.net/data/2016/06/22/202798/thumb16.jpg
https://www.stockvault.net/data/2016/06/22/202798/thumb16.jpg

7 KB
8 KB

47ms
42ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/22/202798/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df7e0769c209b386f0a2166e4bfc69dd782ea558fb1f9ff72a34a5f23539b52a

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7481
cf-request-id: 06c8fc20bf00001f45d2bcc000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:28:52 GMT
server: cloudflare
etag: "583ba474-1d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cqbGA7h8YdPNDLfhkNK%2BJafxnHCN2v60gnDKuSkbco%2FpnGlWFROagRvalFwzHNXJrnnr68QC%2Bj9c35VlIlb8yZVAxX1VlJpvtETbxNrIMY517UW1EP86mmgHuiMFuNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e13c821f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J9Tu99tR%2FV7bWo0rpfnm1825C8xLQTP1tNgs4ufHa6Yz%2F73vsZmVvrP4tZs3unCVL1sPE4OtuMqmnHLauASQ6zzC10CvpoAYlKd4OGv1hJrTvPbnPrBcphZ42Dyr0DQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/22/202798/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e0ed37d705-FRA
cf-request-id: 06c8fc208d0000d705b304d000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/23/202825/
Redirect Chain

http://www.stockvault.net/data/2016/06/23/202825/thumb16.jpg
https://www.stockvault.net/data/2016/06/23/202825/thumb16.jpg

7 KB
7 KB

60ms
43ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/23/202825/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18d5ccebc71c2cbb5672f9e915546d861e5da1678e20e85ae576cae055c18b7

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7071
cf-request-id: 06c8fc20bf00001f45fa3ef000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:29:02 GMT
server: cloudflare
etag: "583ba47e-1b9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CTfs81%2B733xDIluSYAWLqzVwAcQwExWYUAmuWOpyorwhkilGjnQcI10SJfLnoXciTxOV9yqfgdXTLNTVJ76a7gRFgQWHyPHkDAPKF2am17nQ4a4N%2FD9MXiX%2BFFDjmhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e13c801f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8zcmF56tFGtn8iNYNj1DeLGS%2BTxAY5OF%2FwdUW%2FWU5WpjHmhoYMkCGZVzvYaK%2F%2Fq3rIrvmMEhiy04dmvcro38laQemPAjqMZfR3nHG0j%2FZAlDiMIowwFvlr5e3XMo5JI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/23/202825/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e0eb6ad6c9-FRA
cf-request-id: 06c8fc208e0000d6c9e828c000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/23/202831/
Redirect Chain

http://www.stockvault.net/data/2016/06/23/202831/thumb16.jpg
https://www.stockvault.net/data/2016/06/23/202831/thumb16.jpg

10 KB
11 KB

55ms
41ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/23/202831/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ae23c2aa4ba97b34f5ea9987493c96c825c9e4e9f47d4f2b52531b95b3eba2

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 10557
cf-request-id: 06c8fc20c200001f4515b5d000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:29:06 GMT
server: cloudflare
etag: "583ba482-293d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N9KIs0liuZBmwS2C8Uoixrk1GL56Q92Dnkj1vdqNtMvnisRmxxnAw%2BoeOyRj6XL8FadcodiUFfcvPYRhC3vcUuB3QM6FA%2Be0O6MyYYxnrz8QkoFeESoxEU46nMfFGmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e13c851f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k9S4IV%2F%2B9n%2Bq68urdKVem6oGzU%2BeoE01rTQKtXSBKeR4ATJOvKLBREHddVaN02%2BBrwQlvdWkerzop0ep1l5Mn4plkMinfKx6smt5vJgu%2FaKZKsE7pSvbQO74j4CUh2g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/23/202831/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e0ea382b59-FRA
cf-request-id: 06c8fc208e00002b59c69e9000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/23/202855/
Redirect Chain

http://www.stockvault.net/data/2016/06/23/202855/thumb16.jpg
https://www.stockvault.net/data/2016/06/23/202855/thumb16.jpg

31 KB
32 KB

50ms
50ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/23/202855/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232140f2f34e983fc9eced289def945c7e2a3332bea16a36844ee73d5e7448da

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 32238
cf-request-id: 06c8fc20c300001f45a92de000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:29:19 GMT
server: cloudflare
etag: "583ba48f-7dee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dvBLp7j7OW9%2BR9Ma2bKdC91Yau2u37pv%2BTOLSc0o2C0xZQB1x4CB2KZl3Yq8W3tLN25Ct%2FCkV3zG48lu2hCpBc9Enm2%2BIqWrHzOc158FkuAcCfoZfBX7bcrnbzVdLxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e13c8c1f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KHFVeZC5xeNK%2F3BV3jdwNOPpHpBMrm3mY%2BsF5B96et%2BXpkv6ZMHv3UrRW9bMgoU7hd%2B6%2FyyRdzxbMuCtb942eKcri6xqElanV%2FTk2zahVEfxcD9sU2y%2BqIIbCTKCVhI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/23/202855/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e0ec0505c4-FRA
cf-request-id: 06c8fc2091000005c489356000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/23/202836/
Redirect Chain

http://www.stockvault.net/data/2016/06/23/202836/thumb16.jpg
https://www.stockvault.net/data/2016/06/23/202836/thumb16.jpg

50 KB
51 KB

54ms
48ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/23/202836/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ed9c4ad000ca60498aea85a4bd8231c172a5f10814f03699a709a163256464

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 51472
cf-request-id: 06c8fc20c200001f45eb376000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:29:09 GMT
server: cloudflare
etag: "583ba485-c910"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r3KSEFY3FM2sF9u8KzuljgO7b1CnM9FQSey4G4oHU1a0IKF%2Bu5qm4unIgpmzGNH99%2Fwu%2BBobuWwmfREPD5YIElXlL6CpNhcbvsQN7cuePAp%2BTYS4Qv1tl8uquZukCcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e13c8a1f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gaE4uZNAVoDM%2FBSX6GQ5rCjPIXgwwyccs1ChiocT4vNS%2B7t%2FAmucRdIDjUqN4WG3FmS4%2BBaJEmXKdu3wUmSfpTFGVUBXkQ2B%2FdXGVzh6aIK5x9MA1%2BSxBUfEauIJgxE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/23/202836/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e0e87c2b29-FRA
cf-request-id: 06c8fc208e00002b29d7a4f000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/22/202799/
Redirect Chain

http://www.stockvault.net/data/2016/06/22/202799/thumb16.jpg
https://www.stockvault.net/data/2016/06/22/202799/thumb16.jpg

47 KB
47 KB

79ms
63ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/22/202799/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abea4c561346c4f343931634e8a64692f69666b9b918f9f831e9f03121a2aa7d

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 47909
cf-request-id: 06c8fc20c000001f4503bed000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:28:53 GMT
server: cloudflare
etag: "583ba475-bb25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mo7gjEgtDR5jvOSvzKTaTjnSNvI0Jzxv5im8rHAIjfDBTiSCBK8QB6txE1UrvK6t2zVS0PlopVbBvWtOv6JfQuU6LOO0CHYr50uVPt0B0iNc8dnsIxovNUJro%2Fk1r64%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e13c841f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6oe7LscnF2SL2tvqi%2Fv1ibGOjc9PFfp0fZJNWeCO41MGzR%2BPfOtDFvtB43vQdXjc99XapvfPVnsvDsMEUgpe74FbOLxu8MoeMaCrM662Y%2FiAzFfhqMHn9bMBE8bhLDA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/22/202799/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e0e84d2c2e-FRA
cf-request-id: 06c8fc208e00002c2ef92a1000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/23/202848/
Redirect Chain

http://www.stockvault.net/data/2016/06/23/202848/thumb16.jpg
https://www.stockvault.net/data/2016/06/23/202848/thumb16.jpg

34 KB
34 KB

45ms
45ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/23/202848/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae737b9ece98dbb9a0e2dfc555338bd012d95e8e9fc25cfa5731c3fda1a67f99

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 34537
cf-request-id: 06c8fc210700001f45970fb000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:29:15 GMT
server: cloudflare
etag: "583ba48b-86e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zykMYxvNCl1KgEpec9gCWd9ow6%2Bi1QRr5S82eFqrBnXaP9EQ5RIyXVeVXgiOF4la35OmbEoAei1kXZgZZDqFFQahPSTceEY7WRVGe8GY8FDq7jpNqht9IuHWtHRD%2Ffk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e1ad291f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=75Xn7yEpeWhidigYNM4Rk9tZMMBd3AOJhamNXphMhz4XFTQog%2BuO%2FMJXbF9FCBu3FLE%2Fn%2BVuzpUyAWifW56Y%2FJaPQoNZ23q1B7a5bJnsQg%2FtbKOWjJ9v%2B%2FvLjA3kick%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/23/202848/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e17d9305c4-FRA
cf-request-id: 06c8fc20ea000005c47295f000000001

GET
H/1.1 200
OK Jnxp5Z
dwmv.biz/ 470 B
2 KB 1583ms
1577ms Script
application/javascript 2606:4700:3037::6812:25f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://dwmv.biz/Jnxp5Z?subid1=127&subid2=4khdcamera.com&subid3=pl2_img&subid4=20200831&frm=script&default_keyword=comment%20obtenir%20le%20taux%20de%20casino%20de%20carnaval&se_referrer=
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6812:25f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.29
Resource Hash

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 03 Dec 2020 06:56:11 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
X-Powered-By: PHP/7.2.29
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 06c8fc208800001f151a0e1000000001
Pragma: no-cache
Last-Modified: Thu, 03 Dec 2020 06:56:10 GMT
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PvqPfdB7n%2FaOYX7goxF63YqS0XVhchfFUcCiFBq6RbaCa3gRt9VINvS4wzVwcXXyoxZeU1slA%2Bz%2FTPpsihylS%2FtW7oejYkvcnaaoIKCWcywsubkbMw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
CF-RAY: 5fbb62e0db4e1f15-FRA
Expires: 0

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/23/202837/
Redirect Chain

http://www.stockvault.net/data/2016/06/23/202837/thumb16.jpg
https://www.stockvault.net/data/2016/06/23/202837/thumb16.jpg

12 KB
13 KB

38ms
38ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/23/202837/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eebb2af2ea24c864af78fe588533a761cc33ccedb7dab1f7ced70a620a188f8

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12491
cf-request-id: 06c8fc210d00001f45bcb87000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:29:09 GMT
server: cloudflare
etag: "583ba485-30cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JZeS9ZRal20tX8waO231VI1xepZIBbU6yGNOPmCRLxnOu9k3tB9Yxlil8gdUF2mIx%2F9lu1vzOpRC%2BPaop6vFBsGcUrGUHmQE37EK0yM0A0vSep5uIS9Ppduru9isF4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e1ad3d1f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f2uPaSMvXm2znQHIG7lvdHxeyHI18rQNs%2FDa70xRbzely%2BbL%2BKoOqr7QMhYELoHzXDiTnA8Y5I37fDgTKwiO%2BNztKaddISqQaOnA5HQwgJWOJRNhMD%2BGSHNj2BDS6jg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/23/202837/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e17e2ed705-FRA
cf-request-id: 06c8fc20ea0000d70556344000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/23/202839/
Redirect Chain

http://www.stockvault.net/data/2016/06/23/202839/thumb16.jpg
https://www.stockvault.net/data/2016/06/23/202839/thumb16.jpg

36 KB
37 KB

44ms
44ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/23/202839/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d6735da6972dcd57f80b054b2c48235770a58ef8c93f35d5f7fc88a61538520

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 37055
cf-request-id: 06c8fc210900001f45c0805000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:29:10 GMT
server: cloudflare
etag: "583ba486-90bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y0J1%2FcNvNq6sCpV6S6iQZsdcHk2PWP0kCqgQJwM9edMm6CEe0ptt2HOYZ%2BsiehQqsKHEPcWpio%2B8QjtcFc%2BFtEVlpIdkV1Xm7LSJtdM%2Fo%2FXvHglsWnaqQKnhUI7GdcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e1ad2d1f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bq3%2Bi1uK7L6nnWhN4QqlO8N1imPWymUPAr4baw3owN8QDUR1sp7ZBrQMTIQmv%2BMxxMTlA7HT6KBYG2tOrMv5Sqtgo%2FOf48yrYCWyyCk9rwVDbukBfxTp4jZDsXx%2B6AE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/23/202839/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e179f42b29-FRA
cf-request-id: 06c8fc20eb00002b29c0981000000001

GET
H2

200

thumb16.jpg
www.stockvault.net/data/2016/06/22/202806/
Redirect Chain

http://www.stockvault.net/data/2016/06/22/202806/thumb16.jpg
https://www.stockvault.net/data/2016/06/22/202806/thumb16.jpg

36 KB
36 KB

56ms
56ms

Image
image/jpeg

2606:4700:20::681a:a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stockvault.net/data/2016/06/22/202806/thumb16.jpg
Requested by: Host: wvbtyfqt.4khdcamera.com
URL: http://wvbtyfqt.4khdcamera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d46b4ad26f3500ca64a92d86051549dc99414264a1de32e1152900bc251c7b

Request headers

Referer: http://wvbtyfqt.4khdcamera.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:10 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 36935
cf-request-id: 06c8fc210d00001f459a2a5000000001
pragma: public
last-modified: Mon, 28 Nov 2016 03:28:56 GMT
server: cloudflare
etag: "583ba478-9047"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yHrKdqc6%2BwfPWSxKA9f8%2FJggkGMJCnmul8xrGfUdoITxc0kLrAf1PL%2Br1J57oia%2BUF1p9SwLI5ywINHQKlVf4KlNwVmhRcE%2FJ1eg9NH4MvlGqBYZhPgMvLAKVP7pGew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 5fbb62e1ad3a1f45-FRA
expires: Sat, 02 Jan 2021 06:56:10 GMT

Redirect headers

Date: Thu, 03 Dec 2020 06:56:10 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mhA2FX7BsWEsGrn2Sk1mUJjF6aZeRt26MBswvm1Vq2JxDpoBOAHFrBUDqoCJM8bGtzHUFU7aii7C%2Bw5iZDDjCaBs9rVWFv7z%2FrOHDvsJAP8QfJLMo7Yzjx4oQ6I8tjQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.stockvault.net/data/2016/06/22/202806/thumb16.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5fbb62e17b702b59-FRA
cf-request-id: 06c8fc20ef00002b59270a3000000001

GET
H2

200

/ Show response
www.lokicasino.cc/
Redirect Chain

https://atraff.com/?serial=5522&creative_id=1&anid=30auk6v5fc88c0bce342
https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342

2 KB
1 KB

64ms
29ms

Document
text/html

2606:4700:3031::6812:3a22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
Requested by: Host: dwmv.biz
URL: http://dwmv.biz/Jnxp5Z?subid1=127&subid2=4khdcamera.com&subid3=pl2_img&subid4=20200831&frm=script&default_keyword=comment%20obtenir%20le%20taux%20de%20casino%20de%20carnaval&se_referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6812:3a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7043ea8a785d81fa19ba891758bf05a7ed2a265b44efc3d014d2e12bc4d17877

Request headers

:method: GET
:authority: www.lokicasino.cc
:scheme: https
:path: /?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://wvbtyfqt.4khdcamera.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://wvbtyfqt.4khdcamera.com/

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9f584dd72949a5e15eb229306a71c3b61606978572; expires=Sat, 02-Jan-21 06:56:12 GMT; path=/; domain=.lokicasino.cc; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 06c8fc274c0000dfd73904f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vybJhfDyakQ5g08KlioJ2AjsE3NWn6B3w0DqM7WD0YcvyUaaS6A8pxM%2FsiZcwSaQP4x9zK71a1lfgLmJP67W3LRsbwtVCnfkZRfpn1LqQvQWPIq3RlgDwMb3dF4H%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fbb62ebaf40dfd7-FRA
content-encoding: br

Redirect headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dbadd9b2bee71138f1b1adae79215cda31606978571; expires=Sat, 02-Jan-21 06:56:11 GMT; path=/; domain=.atraff.com; HttpOnly; SameSite=Lax; Secure
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
location: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
cache-control: no-cache
x-request-id: e11bd8a2-0526-47b8-87f1-a072747ed09c
x-runtime: 0.045375
strict-transport-security: max-age=31536000
vary: Origin
cf-cache-status: DYNAMIC
cf-request-id: 06c8fc26cd0000325c69bc6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VC22Z54Oek2LuhvV0f%2B6TtIu6Crp0%2BS9pMQXsfoZnXOR0Z88ACqWCAphsU7%2F0nYDpT3STpf6SKK%2F7dabFgfoCA3sVVIdNa48i6b%2Fl6cnOXYsWpBUVIdv"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fbb62eaed01325c-FRA

GET
H2 200 site.css
www.lokicasino.cc/assets/templates/default/css/ 6 KB
1 KB 15ms
13ms Stylesheet
text/css 2606:4700:3031::6812:3a22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lokicasino.cc/assets/templates/default/css/site.css
Requested by: Host: www.lokicasino.cc
URL: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6812:3a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71138a5107f17be4be5be2450b710a48dc849ca384f2f79c190da563530562cc

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Oct 2018 19:38:49 GMT
server: cloudflare
age: 704
etag: W/"5bb3c949-16db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=podqoy%2BJrNzNERkNcffcazf7ZN4xPtscGwUhwxsmpt7qW5pDvQ1BknRYpC11sjACVY0XCwec1Lvs9LU4iArxmNLhvjZCsXJkWg9FOFDzRYvM7KoGuaRYFWp4y9aSnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fbb62ec1fcddfd7-FRA
cf-request-id: 06c8fc27930000dfd76322d000000001

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.2/ 82 KB
29 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js

Requested by

Host: www.lokicasino.cc
URL: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 18:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476345
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29456
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Nov 2021 18:37:07 GMT

GET
H2 200 connect.js Show response
www.lokicasino.cc/assets/tds/ 5 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3031::6812:3a22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lokicasino.cc/assets/tds/connect.js
Requested by: Host: www.lokicasino.cc
URL: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6812:3a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548c37d511227debdd835686293cd5ad103620ce707d7ab246ba98c207f3fcca

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Dec 2018 10:30:36 GMT
server: cloudflare
age: 704
etag: W/"5c24a9cc-14a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CW9%2Fl7z1%2Fer6Lfz0hdwdMB8%2BOn2vigbTycZTdR3YejKJID7JtqO7VeyVJft59eV3afrGPgDX7zk9WUHUtqGGbxoOJ%2FC%2BEYXgHWah%2FWlvQsAARQ78oUoC9pnk8WTG0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fbb62ec1fcedfd7-FRA
cf-request-id: 06c8fc27930000dfd755849000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 79 KB
32 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWXN9WZ

Requested by

Host: www.lokicasino.cc
URL: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e396a37c505efa094de6fa17149f42f486b000ff4de6d27285dcbbb5b1757207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32229
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Dec 2020 06:56:12 GMT

POST
H2 200 mirror Show response
www.lokicasino.cc/ 425 B
440 B 34ms
33ms XHR
text/html 2606:4700:3031::6812:3a22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lokicasino.cc/mirror
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6812:3a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc0980848f31590a8564d9d430217dd93683cbb3a33a241bfeeafc52a96e0676

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xxD4UH4DqP%2BLr8QD4V5q5%2F57RhiocNO8rFrA3VqMlGGZ4ya12Rjc7NesacAPXI2bbfghZv6zcWAShgbHhB2XcFTx2DVB4JOMvpJ%2FAKEDIisznhPAqKw4zPfm20ATOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 5fbb62ec580bdfd7-FRA
cf-request-id: 06c8fc27b20000dfd72b3ad000000001

GET
H2 200 tag_gen.js Show response
a.exoclick.com/ 874 B
655 B 31ms
6ms Script
application/javascript 2606:2800:234:4cc4:5670:35d5:1e00:b394
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWXN9WZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4190) /
Resource Hash: 7b58a94951c72705fa18e3aca84f1f9b4473d9a7b1556ba9bd02d0ef619d5897

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-encoding: gzip
last-modified: Thu, 03 Dec 2020 05:13:51 GMT
server: ECS (fcn/4190)
age: 6141
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 471
expires: Thu, 03 Dec 2020 09:56:12 GMT

GET ctrack
ctrack.trafficjunky.net/ 0
0

GET
H2 200 favicon.png
www.lokicasino.com/resources/images/ 1 KB
2 KB 101ms
53ms Image
image/png 104.18.1.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lokicasino.com/resources/images/favicon.png?t=1606978572252
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.1.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425f20a331d36a2d162ed7043fd2549c1e3a66b998088e05078e412354ebf9a3

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
last-modified: Mon, 30 Nov 2020 11:11:00 GMT
server: cloudflare
etag: "5fc4d344-473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 5fbb62eced99c847-AMS
content-length: 1139
cf-request-id: 06c8fc28160000c847e59a1000000001

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ 0
419 B 76ms
24ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=4099a11773a484e83f9abf973071a868
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 06:56:12 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 77ms
25ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=4099a11773a484e83f9abf973071a868
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 06:56:12 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ 0
418 B 78ms
27ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=4099a11773a484e83f9abf973071a868
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 06:56:12 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H2 200 www.lokicasino.com
www.lokicasino.cc/mirror/log/ 2 B
296 B 28ms
28ms XHR
text/html 2606:4700:3031::6812:3a22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lokicasino.cc/mirror/log/www.lokicasino.com?s=1&i=0&r=0
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6812:3a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F3XLm48XanquYc%2F5hYTqnJArCeTrKxE6jlBEBNHExjS6wZpOYfuuJga7U26q7gCvX%2FEegEYnekZH%2Bzz9%2Bq5kHQQpjDgWQOumgLTaiTNSvKSzMAuVOZXJGJuZt7Lq5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 5fbb62ed496adfd7-FRA
cf-request-id: 06c8fc284b0000dfd7928bc000000001

POST
H2 200 rememberMirror
www.lokicasino.cc/ax/ 5 B
384 B 18ms
18ms XHR
text/html 2606:4700:3031::6812:3a22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lokicasino.cc/ax/rememberMirror
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6812:3a22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zbl4Kp6g%2FC2RrLcnaSKAN5Ejyypjjugg%2BWNPyI3H%2F8CE0gdI7UZ%2FxtUQG3CRFPB%2BYrl%2FOw88rZWBYmW5xq%2BfyGkTdqdKDPH7ddoCaweTDMjsWmLRapbWGOH%2BDXb6Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 5fbb62ed79bbdfd7-FRA
cf-request-id: 06c8fc286c0000dfd72713e000000001

GET
H2 403 Primary Request / Show response
www.lokicasino.com/ 161 KB
99 KB 54ms
54ms Document
text/html 104.18.1.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lokicasino.com/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
Requested by: Host: www.lokicasino.cc
URL: https://www.lokicasino.cc/assets/tds/connect.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.1.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52ff79916baa89cf6eff421933efa846ea4894e3dfe5672a03fa45ab957543c

Request headers

:method: GET
:authority: www.lokicasino.com
:scheme: https
:path: /?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.lokicasino.cc/?qtag=a4335_t5522_c1_s30auk6v5fc88c0bce342

Response headers

date: Thu, 03 Dec 2020 06:56:12 GMT
content-type: text/html
set-cookie: __cfduid=dad52ec96034ea532805b231caa38f5b61606978572; expires=Sat, 02-Jan-21 06:56:12 GMT; path=/; domain=.lokicasino.com; HttpOnly; SameSite=Lax
etag: W/"5eda385a-285bc"
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-request-id: 06c8fc28730000c847e92d4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fbb62ed8e80c847-AMS

GET
DATA 200
OK truncated
/ 120 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05948d5d7f0dfcc9fd7c8b8f54445743d6f4bc0c582ded34aa258e06aab0eee9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ctrack.trafficjunky.net
URL: http://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=0&context=Loki&cookiename=Loki&maxcookiecount=10

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lokicasino.com/	1970-01-19 15:06:10	Name: __cfduid Value: dad52ec96034ea532805b231caa38f5b61606978572

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.lokicasino.cc/assets/tds/connect.js(Line 62) Message: www.lokicasino.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
ajax.googleapis.com
atraff.com
ctrack.trafficjunky.net
dwmv.biz
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
wvbtyfqt.4khdcamera.com
www.googletagmanager.com
www.lokicasino.cc
www.lokicasino.com
www.stockvault.net
ctrack.trafficjunky.net
104.18.1.230
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:20::681a:a2c
2606:4700:3031::6812:3a22
2606:4700:3035::681b:ae72
2606:4700:3037::6812:25f7
2a00:1450:4001:806::2008
2a00:1450:4001:81c::200a
51.15.15.31
95.211.229.245
95.211.229.247
05948d5d7f0dfcc9fd7c8b8f54445743d6f4bc0c582ded34aa258e06aab0eee9
232140f2f34e983fc9eced289def945c7e2a3332bea16a36844ee73d5e7448da
37d46b4ad26f3500ca64a92d86051549dc99414264a1de32e1152900bc251c7b
3d6735da6972dcd57f80b054b2c48235770a58ef8c93f35d5f7fc88a61538520
425f20a331d36a2d162ed7043fd2549c1e3a66b998088e05078e412354ebf9a3
548c37d511227debdd835686293cd5ad103620ce707d7ab246ba98c207f3fcca
5eebb2af2ea24c864af78fe588533a761cc33ccedb7dab1f7ced70a620a188f8
7043ea8a785d81fa19ba891758bf05a7ed2a265b44efc3d014d2e12bc4d17877
71138a5107f17be4be5be2450b710a48dc849ca384f2f79c190da563530562cc
7b58a94951c72705fa18e3aca84f1f9b4473d9a7b1556ba9bd02d0ef619d5897
9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341
a52ff79916baa89cf6eff421933efa846ea4894e3dfe5672a03fa45ab957543c
abea4c561346c4f343931634e8a64692f69666b9b918f9f831e9f03121a2aa7d
ae737b9ece98dbb9a0e2dfc555338bd012d95e8e9fc25cfa5731c3fda1a67f99
c2ed9c4ad000ca60498aea85a4bd8231c172a5f10814f03699a709a163256464
cc0980848f31590a8564d9d430217dd93683cbb3a33a241bfeeafc52a96e0676
df7e0769c209b386f0a2166e4bfc69dd782ea558fb1f9ff72a34a5f23539b52a
e18d5ccebc71c2cbb5672f9e915546d861e5da1678e20e85ae576cae055c18b7
e2ae23c2aa4ba97b34f5ea9987493c96c825c9e4e9f47d4f2b52531b95b3eba2
e396a37c505efa094de6fa17149f42f486b000ff4de6d27285dcbbb5b1757207
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff24258ea90670f22a0e959ebf68bb6f68236b9c8fb10452952d0e51057cb614

www.lokicasino.com Open in urlscan Pro 104.18.1.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

89 %HTTPS

64 %IPv6

12 Domains

13 Subdomains

11 IPs

3 Countries

548 kBTransfer

832 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.lokicasino.com Open in urlscan Pro
104.18.1.230 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

89 %
HTTPS

64 %
IPv6

12
Domains

13
Subdomains

11
IPs

3
Countries

548 kB
Transfer

832 kB
Size

1
Cookies

27 HTTP transactions
1 data transactions