urlscan.io logo urlscan.io
SecurityTrails logo

pokerroomkings.com Open in urlscan Pro
31.15.12.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://promo.kings.shop/
Effective URL: https://pokerroomkings.com/templates/giveaway/en/signup
Submission: On October 26 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 31.15.12.16, located in Czech Republic and belongs to GLOBE-AS www.active24.cz, CZ. The main domain is pokerroomkings.com.
TLS certificate: Issued by R3 on October 26th 2023. Valid for: 3 months.
This is the only time pokerroomkings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 7 31.15.12.16 25234 (GLOBE-AS ...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
17 7
7    31.15.12.16 (Czech Republic)

ASN25234 (GLOBE-AS www.active24.cz, CZ)
PTR: uvds216.active24.cz
promo.kings.shop
pokerroomkings.com
1    2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2607:f8b0:4004:c19::69 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
427 KB
6 pokerroomkings.com
pokerroomkings.com
114 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 11
34 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
54 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
775 B
1 kings.shop
promo.kings.shop
114 B
17 7
Domain Requested by
6 pokerroomkings.com 2 redirects pokerroomkings.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google.com pokerroomkings.com
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 cdnjs.cloudflare.com pokerroomkings.com
1 code.jquery.com pokerroomkings.com
1 fonts.googleapis.com pokerroomkings.com
1 promo.kings.shop 1 redirects
17 8

This site contains links to these domains. Also see Links.

Domain
www.kings.shop
www.twitch.tv
www.youtube.com
Subject Issuer Validity Valid
www.casinokings.eu
R3		 2023-10-26 -
2024-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://pokerroomkings.com/templates/giveaway/en/signup
Frame ID: 88E28F054DD8189FC93666A402075AD5
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
Frame ID: E96A6905C11934CE5ECBA6951089F3AD
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

shop giveaway

Page URL History Show full URLs

  1. https://promo.kings.shop/ HTTP 302
    https://pokerroomkings.com/templates/giveaway HTTP 301
    https://pokerroomkings.com/templates/giveaway/ HTTP 302
    https://pokerroomkings.com/templates/giveaway/en/signup Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*materialize(?:\.min)?\.css
  • materialize(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

17
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

660 kB
Transfer

1610 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://promo.kings.shop/ HTTP 302
    https://pokerroomkings.com/templates/giveaway HTTP 301
    https://pokerroomkings.com/templates/giveaway/ HTTP 302
    https://pokerroomkings.com/templates/giveaway/en/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signup
pokerroomkings.com/templates/giveaway/en/
Redirect Chain
  • https://promo.kings.shop/
  • https://pokerroomkings.com/templates/giveaway
  • https://pokerroomkings.com/templates/giveaway/
  • https://pokerroomkings.com/templates/giveaway/en/signup
31 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.15.12.16 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS
uvds216.active24.cz
Software
nginx /
Resource Hash
f39cf9d42700c5b1d2f6106b76d589b5c178e35953e04285cf50cb32e6f22e99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
6879
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 13:40:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Host,Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 13:40:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://pokerroomkings.com/templates/giveaway/en/signup
pragma
no-cache
server
nginx
vary
Host
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pokerroomkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 13:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 13:40:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 13:40:37 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://pokerroomkings.com/
Origin
https://pokerroomkings.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:37 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3527037
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-nyc-kteb1890027-NYC
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698327637.284979,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
413, 38895
materialize.min.css
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/ 		139 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pokerroomkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7407379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17472
last-modified
Thu, 22 Jun 2023 11:08:28 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942bac-4440"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDb8LW02R5CtRiARu3wzfPBWxu%2FqM%2FfB0YcnojYtxQXNydN6miGSdeP8q%2BHtOZxlpl2usc14%2BamB6yAYz7LyBD8Zh4zVQ8wOc211szE%2BELun09bujUQ1P4Gm43LwRr6JDJpY%2B4K%2FfqmP6Q9T%2Fpou0XIV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c31cb4ffcc4bc9-BUF
expires
Tue, 15 Oct 2024 13:40:37 GMT
materialize.min.js
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/ 		177 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pokerroomkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7407378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36840
last-modified
Thu, 22 Jun 2023 11:08:28 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942bac-8fe8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FaYjUzjY4lA8G%2BNJt%2FYK4axx1BbgK7%2BN1D%2FYdv9Dp1lF5WmBeFFqdkyNaQ7jA1Eno6wUKv%2BnDzXgYw%2BKMfXalVqtRITna4rmvLcLdB%2FfRSNa0VH05va145wo6puJ%2FPLxXVwTiLjvjlV7OtDqEiOJ0Be"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c31cb4ffcd4bc9-BUF
expires
Tue, 15 Oct 2024 13:40:37 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f51b5d7cd2f522614867c73726f0c91f033bfaa6d8c6589449d2f8c4bed821e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pokerroomkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 13:40:37 GMT
logo.png
pokerroomkings.com/templates/giveaway/img/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pokerroomkings.com/templates/giveaway/img/logo.png
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.15.12.16 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS
uvds216.active24.cz
Software
nginx /
Resource Hash
689e9c4f7aa3d7a2473ce027e1c09d16f054a34e9e86f02a3b87e6aa429f1b09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pokerroomkings.com/templates/giveaway/en/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:37 GMT
last-modified
Tue, 24 Oct 2023 14:02:12 GMT
server
nginx
etag
"6415-60876c90f0fd6"
vary
Host
content-type
image/png
accept-ranges
bytes
content-length
25621
title.png
pokerroomkings.com/templates/giveaway/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pokerroomkings.com/templates/giveaway/img/title.png
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.15.12.16 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS
uvds216.active24.cz
Software
nginx /
Resource Hash
339a8a14542689772a7e35153f03a813f7a4791bd4c128d61d438e8f300ca864

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pokerroomkings.com/templates/giveaway/en/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:37 GMT
last-modified
Tue, 24 Oct 2023 14:39:12 GMT
server
nginx
etag
"5102-608774d62e0b6"
vary
Host
content-type
image/png
accept-ranges
bytes
content-length
20738
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 		462 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pokerroomkings.com/
Origin
https://pokerroomkings.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188860
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 13:34:14 GMT
background.jpg
pokerroomkings.com/templates/giveaway/img/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pokerroomkings.com/templates/giveaway/img/background.jpg
Requested by
Host: pokerroomkings.com
URL: https://pokerroomkings.com/templates/giveaway/en/signup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.15.12.16 , Czech Republic, ASN25234 (GLOBE-AS www.active24.cz, CZ),
Reverse DNS
uvds216.active24.cz
Software
nginx /
Resource Hash
6d20474b3ebd80fa09dd26f0758101bc848077297fe36b694c724a09af9df5e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pokerroomkings.com/templates/giveaway/en/signup
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:37 GMT
last-modified
Tue, 24 Oct 2023 23:17:52 GMT
server
nginx
etag
"f508-6087e8c4a7fc7"
vary
Host
content-type
image/jpeg
accept-ranges
bytes
content-length
62728
anchor
www.google.com/recaptcha/api2/ Frame E96A 		58 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9890bc31e519401a6c271e70fbc8657650c2d3473cdab356167b6e4e8c9ad8df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q9lhUF96QArtTIgvWfkAdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pokerroomkings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-q9lhUF96QArtTIgvWfkAdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 13:40:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame E96A 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 10:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 10:19:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame E96A 		462 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188860
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 13:34:14 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E96A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 13:30:33 GMT
x-content-type-options
nosniff
age
519005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 27 Oct 2023 13:30:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E96A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 13:56:32 GMT
x-content-type-options
nosniff
age
517446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 13:56:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E96A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:02:50 GMT
x-content-type-options
nosniff
age
517068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 14:02:50 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E96A 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd2s0oAAAAAAqy7MoCNIO-RoY6F1egXzfbFWg1&co=aHR0cHM6Ly9wb2tlcnJvb21raW5ncy5jb206NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e7i07zh9bqft
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:40:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 13:40:38 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery function| _get function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Component function| docHandleKeydown function| docHandleKeyup function| docHandleFocus function| docHandleBlur function| getTime object| $jscomp object| $jscomp$this function| cash object| M object| Waves object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| fwd object| recaptcha object| closure_lm_26532

1 Cookies

Domain/Path Name / Value
pokerroomkings.com/ Name: PHPSESSID
Value: 8b6621ee5e3c4d719150816a343bc95a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
pokerroomkings.com
promo.kings.shop
www.google.com
www.gstatic.com
2606:4700::6811:190e
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::69
2a04:4e42:600::649
31.15.12.16
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
339a8a14542689772a7e35153f03a813f7a4791bd4c128d61d438e8f300ca864
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
689e9c4f7aa3d7a2473ce027e1c09d16f054a34e9e86f02a3b87e6aa429f1b09
6d20474b3ebd80fa09dd26f0758101bc848077297fe36b694c724a09af9df5e3
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
9890bc31e519401a6c271e70fbc8657650c2d3473cdab356167b6e4e8c9ad8df
bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012
f39cf9d42700c5b1d2f6106b76d589b5c178e35953e04285cf50cb32e6f22e99
f51b5d7cd2f522614867c73726f0c91f033bfaa6d8c6589449d2f8c4bed821e5