Submitted URL: http://owl.li/v6St30pwWRK#FEXrvkyVsDQ0HryKfdIM
Effective URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411...
Submission: On September 14 via manual from CA

Summary

This website contacted 4 IPs in 5 countries across 7 domains to perform 11 HTTP transactions. The main IP is 179.61.143.248, located in Vienna, Austria and belongs to ASDETUK http://www.heficed.com, GB. The main domain is e264q0n9r.cfotim.live.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 17th 2019. Valid for: 3 months.
This is the only time e264q0n9r.cfotim.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 54.67.57.56 16509 (AMAZON-02)
1 1 35.204.107.25 15169 (GOOGLE)
1 1 154.16.134.38 61317 (ASDETUK h...)
8 179.61.143.248 61317 (ASDETUK h...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
11 4
Apex Domain | Subdomains | Transfer
8 cfotim.live | e264q0n9r.cfotim.live | 13 KB
2 googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 33 KB
1 jquery.com | code.jquery.com | 33 KB
1 quickconnectionnow.com | muw.quickconnectionnow.com | 497 B
1 purpleneptunes.com | purpleneptunes.com | 567 B
1 ow.ly | ow.ly | 143 B
1 owl.li | owl.li | 108 B
11 7
Domain Requested by
8 e264q0n9r.cfotim.live e264q0n9r.cfotim.live
1 code.jquery.com e264q0n9r.cfotim.live
1 ajax.googleapis.com e264q0n9r.cfotim.live
1 fonts.googleapis.com e264q0n9r.cfotim.live
1 muw.quickconnectionnow.com 1 redirects
1 purpleneptunes.com 1 redirects
1 ow.ly 1 redirects
1 owl.li 1 redirects
11 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.cfotim.live | Let's Encrypt Authority X3 | 2019-07-17 - 2019-10-15 | 3 months
*.googleapis.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years

This page contains 1 frames:

Primary Page: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Frame ID: 5B68A3799556C51550A61A623B3F3155
Requests: 11 HTTP requests in this frame

Page Statistics

11 Requests
100 % HTTPS
43 % IPv6
7 Domains
8 Subdomains
4 IPs
5 Countries
79 kB Transfer
204 kB Size
32 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://owl.li/v6St30pwWRK HTTP 301
    http://ow.ly/v6St30pwWRK HTTP 301
    https://purpleneptunes.com/?a=1055&oc=10190&c=29705&m=3&s1= HTTP 302
    https://muw.quickconnectionnow.com/?kw=1055&s1=&s2=29705 HTTP 302
    https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
e264q0n9r.cfotim.live/
Redirect Chain
  • http://owl.li/v6St30pwWRK
  • http://ow.ly/v6St30pwWRK
  • https://purpleneptunes.com/?a=1055&oc=10190&c=29705&m=3&s1=
  • https://muw.quickconnectionnow.com/?kw=1055&s1=&s2=29705
  • https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&imp...
11 KB
13 KB
Document
General
Full URL
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash
3e66ae3adfb8318b150f777ebfa1ae07e93ad7fee814b85a14d96d733c16c162

Request headers

Host
e264q0n9r.cfotim.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Date
Sat, 14 Sep 2019 17:45:43 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Source
Mini
X-Rot
680769
X-Sov
4244265290
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Sat, 14 Sep 2019 17:45:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
78ee079e-d717-11e9-9e96-fa245441bcee
Location
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
css
fonts.googleapis.com/
7 KB
828 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
6f9bf633c8fa74b3f39a32cde14ed1c1fed0f754bdd2a7e7b7ffcc66b1872094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 14 Sep 2019 17:45:43 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sat, 14 Sep 2019 17:45:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Sat, 14 Sep 2019 17:45:43 GMT
style.css
e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/css/
0
0
Stylesheet
General
Full URL
https://e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/css/style.css
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Connection
close
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1925582
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
32954
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Aug 2020 10:52:41 GMT
overlay.png
e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/
0
128 B
Image
General
Full URL
https://e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/overlay.png
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Connection
close
overlay2.png
e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/
0
128 B
Image
General
Full URL
https://e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/overlay2.png
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Connection
close
euro_reel.fs8.png
e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/
0
128 B
Image
General
Full URL
https://e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/euro_reel.fs8.png
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Connection
close
spin1.png
e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/
0
128 B
Image
General
Full URL
https://e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/spin1.png
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Connection
close
spin2.png
e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/
0
128 B
Image
General
Full URL
https://e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/spin2.png
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Connection
close
loader.gif
e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/
0
128 B
Image
General
Full URL
https://e264q0n9r.cfotim.live/templates/_common/_templates/spin-casino_MASTER/images/loader.gif
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
179.61.143.248 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Connection
close
jquery-1.11.3.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: e264q0n9r.cfotim.live
URL: https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://e264q0n9r.cfotim.live/?sov=4244265290&hid=cmecskigkigigks&%3F%3Fkw=1055&group_id=483&cntrl=00000&pid=21683&redid=82411&gsid=68&campaign_id=1228&p_id=21683&id=XNSX.%3A%3A29705-r82411-t68&impid=78ee079e-d717-11e9-9e96-fa245441bcee
User-Agent
Mozilla/5.0 (Linux; Android 7.0; SM-T713) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36

Response headers

Date
Sat, 14 Sep 2019 17:45:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2015 16:20:58 GMT
Server
nginx
ETag
"553fb36a-176d5"
Vary
Accept-Encoding
X-HW
1568483143.dop142.fr8.shc,1568483143.dop142.fr8.t,1568483143.cds055.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33261

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
string| raw_prize_value
function| formatPrizeValue
function| initLiveJackpot
string| currency
function| stepOne
function| stepTwo
function| stepThree
function| spinsCount
object| $jackpot_display
object| e

32 Cookies

Domain/Path Name / Value
.e264q0n9r.cfotim.live/ Name: tags[2618][iframe_enable]
Value: 0
.e264q0n9r.cfotim.live/ Name: payload
Value: [removed]
.e264q0n9r.cfotim.live/ Name: log_4244265290
Value: 1
.e264q0n9r.cfotim.live/ Name: rpm
Value: 23
.e264q0n9r.cfotim.live/ Name: token
Value: a431ca08c5e5cdb3188a4ec3815f8eb8
.e264q0n9r.cfotim.live/ Name: content
Value: 680769
.e264q0n9r.cfotim.live/ Name: gsid
Value: 68
.e264q0n9r.cfotim.live/ Name: tags[680769][expand_enable]
Value: -1
.e264q0n9r.cfotim.live/ Name: payloadIV
Value: 4118aae010c4bcb15dd3a31cfe4db8c9
.e264q0n9r.cfotim.live/ Name: ci_session
Value: IhxMpwQEBTw09kvUSREgnWyA4ygCi%2BJYNUMNkFV3sNMJAbmCkMm9Cu7Q4ha5VPgtZAaLxyXfefgouttDaQY12fqap8recBMCjq8%2BA7RSsJ4oEN9I%2BLebgF3KV2p7zjNKdCHqn9k6vKnJS0g8MWhEjIa8mv0TSXqFinv2qD8S9ojvjvqWQcy43Q6e0UVTYFDJIbKZjVeQKPlQl%2BpxKJN4Yxkut372FJtW3R0ok8XWnVh3sVflYjUYYkPGGmiXDSNfDHsXhhyKg8iDq%2BDH%2FxJLFst3yU5O2qFNr2U1TdKTSd9QthZnEoRo1GzVVA5QOhhlfGGafNzOpOfuZDeFi7hVgLlYgZ93kgiZraz9EcbG7f8s5v1w2hyXKKkTZaOb%2F%2BV9IVFpy03jsvqV6njk62k4Bpm9zzekvy53A5NsPRC6DpXliURzgDHPNof%2FF6svP%2BKm37%2FzgXapMTQkgHbyFOGqJQ%3D%3D
.e264q0n9r.cfotim.live/ Name: tags[2618][audio_enable]
Value: 0
.e264q0n9r.cfotim.live/ Name: sov
Value: 4244265290
.e264q0n9r.cfotim.live/ Name: tags[2618][expand_enable]
Value: -1
.e264q0n9r.cfotim.live/ Name: tags[680769][audio_enable]
Value: 0
.e264q0n9r.cfotim.live/ Name: tags[680769][alert_enable]
Value: 0
.e264q0n9r.cfotim.live/ Name: tags[2618][pop_enable]
Value: 0
.e264q0n9r.cfotim.live/ Name: version
Value: 680769
.e264q0n9r.cfotim.live/ Name: init_ev
Value: 0
.e264q0n9r.cfotim.live/ Name: templateid
Value: 2618
.e264q0n9r.cfotim.live/ Name: URI
Value: sov%3D4244265290%26hid%3Dcmecskigkigigks%26%253F%253Fkw%3D1055%26group_id%3D483%26cntrl%3D00000%26pid%3D21683%26redid%3D82411%26gsid%3D68%26campaign_id%3D1228%26p_id%3D21683%26id%3DXNSX.%253A%253A29705-r82411-t68%26impid%3D78ee079e-d717-11e9-9e96-fa245441bcee
.e264q0n9r.cfotim.live/ Name: tags[680769][pop_enable]
Value: 0
.e264q0n9r.cfotim.live/ Name: campaign_id
Value: 1228
.e264q0n9r.cfotim.live/ Name: pid
Value: 21683
.e264q0n9r.cfotim.live/ Name: redid
Value: 82411
.e264q0n9r.cfotim.live/ Name: impid
Value: 78ee079e-d717-11e9-9e96-fa245441bcee
.e264q0n9r.cfotim.live/ Name: id
Value: XNSX.%3A%3A29705-r82411-t68
.e264q0n9r.cfotim.live/ Name: mov
Value: casino.mini
.e264q0n9r.cfotim.live/ Name: path
Value: spin-casino_MASTER
.e264q0n9r.cfotim.live/ Name: tov
Value: 680769
e264q0n9r.cfotim.live/ Name: click_id_78ee079e-d717-11e9-9e96-fa245441bcee
Value: 7953631e-d717-11e9-b347-f35abe6ca25a
.e264q0n9r.cfotim.live/ Name: tags[2618][alert_enable]
Value: 0
.e264q0n9r.cfotim.live/ Name: SITE_ID
Value: 4244265290