urlscan.io logo urlscan.io
SecurityTrails logo

levss-fun.xyz Open in urlscan Pro
2a03:b0c0:2:d0::f1f:3001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://steam-auth.ru/
Effective URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Submission: On March 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 39 HTTP transactions. The main IP is 2a03:b0c0:2:d0::f1f:3001, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is levss-fun.xyz.
TLS certificate: Issued by R3 on January 14th 2024. Valid for: 3 months.
This is the only time levss-fun.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
11 2a03:b0c0:3:d... 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a03:b0c0:2:d... 14061 (DIGITALOC...)
1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:b0c0:3:d... 14061 (DIGITALOC...)
39 12
1    2606:4700:3037::ac43:98b3 (United States)

ASN13335 (CLOUDFLARENET, US)
steam-auth.ru
11    2a03:b0c0:3:d0::1a47:9001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
flowvideoslot.top
3    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2a03:b0c0:2:d0::f1f:3001 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
levss-fun.xyz
cazinosprofit.com
1    2a03:b0c0:3:d0::145f:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
leocasino.xyz
1    2a03:b0c0:3:d0::12b0:7001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
levs-volatility.top
1    2a03:b0c0:3:d0::d94:2001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
slotsgamble.xyz
2    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
4    2a03:b0c0:3:d0::192c:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
1.join2game.com
Apex Domain
Subdomains		 Transfer
11 flowvideoslot.top
flowvideoslot.top
173 KB
10 levss-fun.xyz
levss-fun.xyz
305 KB
4 join2game.com
1.join2game.com
7 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 163
771 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 90
404 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
87 KB
1 slotsgamble.xyz
slotsgamble.xyz
171 B
1 cazinosprofit.com
cazinosprofit.com
171 B
1 levs-volatility.top
levs-volatility.top
171 B
1 leocasino.xyz
leocasino.xyz
171 B
1 steam-auth.ru
steam-auth.ru
1 KB
39 12
Domain Requested by
11 flowvideoslot.top flowvideoslot.top
10 levss-fun.xyz flowvideoslot.top
levss-fun.xyz
4 1.join2game.com levss-fun.xyz
3 analytics.google.com www.googletagmanager.com
3 www.google-analytics.com flowvideoslot.top
www.google-analytics.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
1 www.google.com flowvideoslot.top
1 www.googletagmanager.com www.google-analytics.com
1 slotsgamble.xyz flowvideoslot.top
1 cazinosprofit.com flowvideoslot.top
1 levs-volatility.top flowvideoslot.top
1 leocasino.xyz flowvideoslot.top
1 steam-auth.ru 1 redirects
39 13

This site contains no links.

Subject Issuer Validity Valid
*.flowvideoslot.top
R3		 2024-01-25 -
2024-04-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.levss-fun.xyz
R3		 2024-01-14 -
2024-04-13		 3 months crt.sh
*.leocasino.xyz
R3		 2024-03-13 -
2024-06-11		 3 months crt.sh
*.levs-volatility.top
R3		 2024-01-17 -
2024-04-16		 3 months crt.sh
*.cazinosprofit.com
R3		 2024-02-22 -
2024-05-22		 3 months crt.sh
*.slotsgamble.xyz
R3		 2024-02-01 -
2024-05-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.join2game.com
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Frame ID: 68947531F501A19CECF8E3F7198028E9
Requests: 39 HTTP requests in this frame

Frame: https://1.join2game.com/api/v18/hits
Frame ID: E27910F6A2DDFA94FBDB1347CF77DA71
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Игорный дом Лев - официальный сайт игрового клуба

Page URL History Show full URLs

  1. http://steam-auth.ru/ HTTP 302
    https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv Page URL
  2. https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

13
Subdomains

12
IPs

4
Countries

594 kB
Transfer

799 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://steam-auth.ru/ HTTP 302
    https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv Page URL
  2. https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://steam-auth.ru/ HTTP 302
  • https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
flowvideoslot.top/
Redirect Chain
  • http://steam-auth.ru/
  • https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/8.2.16
Resource Hash
9010b26af353136c61cf768a8af3fbfbabed9deaf1562424b3b2272c7a977f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 00:21:20 GMT
server
nginx
x-pcdn-proxy-cache
MISS
x-powered-by
PHP/8.2.16

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
8650952389349b7a-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Mar 2024 00:21:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://flowvideoslot.top?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FWbXtxBP7VGvP9xnrf6RLkyvwYZOwa06cTYd8aJArBM3TpU4CM0sSiNBI3VqXK%2FjH8X3aY8UV0eGq%2B%2BpIeICRCoPzxyfPMKWhuOJnj2JE8QflYELuUPj%2FkOZulazkEHqaKk1jHTe6Zz9MHb"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
index.css
flowvideoslot.top/assets/css/lev/ 		53 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/css/lev/index.css?5d4e2678ddb91c15b2fbe7a8d75228da
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4c7ab0d3b11cc0437c78d6e481d9615ee762eab312e2f1faeb2a7449c3eb7b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:24:01 GMT
server
nginx
etag
"65ef05f1-35"
content-type
text/css
accept-ranges
bytes
content-length
53
x-pcdn-proxy-cache
MISS
jquery-2.1.4.min.js
flowvideoslot.top/assets/js/vendor/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/js/vendor/jquery-2.1.4.min.js
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:23:51 GMT
server
nginx
etag
"65ef05e7-14979"
content-type
application/javascript
accept-ranges
bytes
content-length
84345
x-pcdn-proxy-cache
MISS
mobile-detect.min.js
flowvideoslot.top/assets/js/vendor/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/js/vendor/mobile-detect.min.js
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
363a80d367e6658e72d918cd33f9481ce7929199a9858122b0dcc61dffa62fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:23:57 GMT
server
nginx
etag
"65ef05ed-9624"
content-type
application/javascript
accept-ranges
bytes
content-length
38436
x-pcdn-proxy-cache
MISS
ga.js
flowvideoslot.top/assets/js/vendor/ 		151 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/js/vendor/ga.js?73dd0f88467517e83b47230d1ba6328e
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1d0afb787e16bba36010a5f0211a1f953b484e9a5b957629ebed2b8715503985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:24:01 GMT
server
nginx
etag
"65ef05f1-97"
content-type
application/javascript
accept-ranges
bytes
content-length
151
x-pcdn-proxy-cache
MISS
utils.js
flowvideoslot.top/assets/js/includes/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/js/includes/utils.js?73dd0f88467517e83b47230d1ba6328e
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
61d797156e4fa31da65937c5ffc89624ad7a3d9e10775efd7ff4ee83a843849f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:24:01 GMT
server
nginx
etag
"65ef05f1-a12"
content-type
application/javascript
accept-ranges
bytes
content-length
2578
x-pcdn-proxy-cache
MISS
mirrors.js
flowvideoslot.top/assets/js/includes/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/js/includes/mirrors.js?73dd0f88467517e83b47230d1ba6328e
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1ccce79d36924d83301aa8a4b690c2bad980318c11a6ff55b445bfe6ee1b83b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:23:51 GMT
server
nginx
etag
"65ef05e7-15d6"
content-type
application/javascript
accept-ranges
bytes
content-length
5590
x-pcdn-proxy-cache
MISS
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Mar 2024 23:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1992
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Mar 2024 01:48:08 GMT
main-custom.js
flowvideoslot.top/assets/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/js/main-custom.js?73dd0f88467517e83b47230d1ba6328e
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
739a2ef59d40e48950afadb1ac2f062a15b42a6b53c2a4f932212638c6b1ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:23:57 GMT
server
nginx
etag
"65ef05ed-e33"
content-type
application/javascript
accept-ranges
bytes
content-length
3635
x-pcdn-proxy-cache
MISS
reset.css
flowvideoslot.top/assets/css/lev/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/css/lev/reset.css
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/css/lev/index.css?5d4e2678ddb91c15b2fbe7a8d75228da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c44027d25b73be691cf48eadc77675005ae89f459811f3814d6e458d0667b848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/assets/css/lev/index.css?5d4e2678ddb91c15b2fbe7a8d75228da
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:24:01 GMT
server
nginx
etag
"65ef05f1-1aad"
content-type
text/css
accept-ranges
bytes
content-length
6829
x-pcdn-proxy-cache
MISS
styles.css
flowvideoslot.top/assets/css/lev/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flowvideoslot.top/assets/css/lev/styles.css
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/css/lev/index.css?5d4e2678ddb91c15b2fbe7a8d75228da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1f4c00bc6a0a0df8afc3e733e4f7932e055c3b479c20218f1feb8ee92e0f0afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/assets/css/lev/index.css?5d4e2678ddb91c15b2fbe7a8d75228da
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:23:57 GMT
server
nginx
etag
"65ef05ed-52c"
content-type
text/css
accept-ranges
bytes
content-length
1324
x-pcdn-proxy-cache
MISS
redirect.gif
flowvideoslot.top/assets/images/lev/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flowvideoslot.top/assets/images/lev/redirect.gif
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/css/lev/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::1a47:9001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
bbdcd2ee1abec07c4c25511818b85923ef3ad72227456e0585fb9503ec30a2d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/assets/css/lev/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:20 GMT
last-modified
Mon, 11 Mar 2024 13:23:51 GMT
server
nginx
etag
"65ef05e7-7736"
content-type
image/gif
accept-ranges
bytes
content-length
30518
x-pcdn-proxy-cache
MISS
ping.php
levss-fun.xyz/ 		55 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/ping.php?timestamp=1710548480973&callback=jQuery21407411582061333732_1710548480950&_=1710548480951
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/js/vendor/jquery-2.1.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4169624f32113f59fd74b5d1584a27795cfb02b10d3e556f31b8cf63e69fa0ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Mar 2024 00:21:21 GMT
server
nginx
content-length
55
access-control-allow-methods
GET
content-type
application/json
ping.php
leocasino.xyz/ 		55 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://leocasino.xyz/ping.php?timestamp=1710548480976&callback=jQuery21407411582061333732_1710548480952&_=1710548480953
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/js/vendor/jquery-2.1.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::145f:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c1509029b0eb666e2c1b9d069b2109bf0d1fd8ca83759d9638215b699401dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Mar 2024 00:21:21 GMT
server
nginx
content-length
55
access-control-allow-methods
GET
content-type
application/json
ping.php
levs-volatility.top/ 		55 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://levs-volatility.top/ping.php?timestamp=1710548480976&callback=jQuery21407411582061333732_1710548480954&_=1710548480955
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/js/vendor/jquery-2.1.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::12b0:7001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
aa77f7759cc5da25cb4ddb59ac5abb4c9ad112e4a12ff24284fb0922569d7e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Mar 2024 00:21:21 GMT
server
nginx
content-length
55
access-control-allow-methods
GET
content-type
application/json
ping.php
cazinosprofit.com/ 		55 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cazinosprofit.com/ping.php?timestamp=1710548480976&callback=jQuery21407411582061333732_1710548480956&_=1710548480957
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/js/vendor/jquery-2.1.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1f2b1462544f7340668f6a202c1a5e8d175aef737da57e7396e36b62ec164af6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Mar 2024 00:21:21 GMT
server
nginx
content-length
55
access-control-allow-methods
GET
content-type
application/json
ping.php
slotsgamble.xyz/ 		55 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://slotsgamble.xyz/ping.php?timestamp=1710548480977&callback=jQuery21407411582061333732_1710548480958&_=1710548480959
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/js/vendor/jquery-2.1.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::d94:2001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
cf80d4806292ec757117fa1e08ad60a77777a9467618f3028e382cb72e06807b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Mar 2024 00:21:21 GMT
server
nginx
content-length
55
access-control-allow-methods
GET
content-type
application/json
collect
www.google-analytics.com/j/ 		16 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=638021524&t=pageview&_s=1&dl=https%3A%2F%2Fflowvideoslot.top%2F%3Fref%3Dfap_w39614p111_cpa_50_lev%26utm_term%3D2mtesg21h18jv&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=769309395&gjid=324773425&cid=9484089.1710548481&tid=UA-85255408-1&_gid=1820772830.1710548481&_r=1&_slc=1&z=1494034393
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
07b2a386b1a126966d74c6acf7f643873be7e6008018212d0e7847238d3a2361
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://flowvideoslot.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:21:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flowvideoslot.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85255408-1&cid=9484089.1710548481&jid=769309395&gjid=324773425&_gid=1820772830.1710548481&_u=IEBAAEAAAAAAACAAI~&z=255837795
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flowvideoslot.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 16 Mar 2024 00:21:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flowvideoslot.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4THE8BZ9EY&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
316169929e4b443d120ce3ceda1681177656030687c1d17bd859c942f9d3e811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88780
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Mar 2024 00:21:21 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-85255408-1&cid=9484089.1710548481&jid=769309395&_u=IEBAAEAAAAAAACAAI~&z=300465435
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:21:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4THE8BZ9EY&gtm=45je43d0v9123213902za200&_p=1710548481003&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=9484089.1710548481&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fflowvideoslot.top%2F%3Fref%3Dfap_w39614p111_cpa_50_lev%26utm_term%3D2mtesg21h18jv&sid=1710548481&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=778
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4THE8BZ9EY&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:21:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flowvideoslot.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4THE8BZ9EY&cid=9484089.1710548481&gtm=45je43d0v9123213902za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4THE8BZ9EY&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:21:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flowvideoslot.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4THE8BZ9EY&gtm=45je43d0v9123213902za200&_p=1710548481003&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=9484089.1710548481&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AhAI&_s=2&dl=https%3A%2F%2Fflowvideoslot.top%2F%3Fref%3Dfap_w39614p111_cpa_50_lev%26utm_term%3D2mtesg21h18jv&sid=1710548481&sct=1&seg=0&en=ok&_ee=1&ep.event_category=redirection&ep.event_label=levss-fun.xyz&_et=2846&tfd=3629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4THE8BZ9EY&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:21:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flowvideoslot.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4THE8BZ9EY&gtm=45je43d0v9123213902za200&_p=1710548481003&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=9484089.1710548481&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=3&dl=https%3A%2F%2Fflowvideoslot.top%2F%3Fref%3Dfap_w39614p111_cpa_50_lev%26utm_term%3D2mtesg21h18jv&sid=1710548481&sct=1&seg=0&en=success&_c=1&ep.event_category=redirection&ep.event_label=levss-fun.xyz&_et=2846&tfd=3630
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4THE8BZ9EY&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:21:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flowvideoslot.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request register1
levss-fun.xyz/promos/ 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Requested by
Host: flowvideoslot.top
URL: https://flowvideoslot.top/assets/js/main-custom.js?73dd0f88467517e83b47230d1ba6328e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a7475de3f34c75f97fa328124fbe391c72b5cf61769e026fa1d609c99e13c61c

Request headers

Referer
https://flowvideoslot.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 16 Mar 2024 00:21:24 GMT
server
nginx
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=638021524&t=event&_s=2&dl=https%3A%2F%2Fflowvideoslot.top%2F%3Fref%3Dfap_w39614p111_cpa_50_lev%26utm_term%3D2mtesg21h18jv&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=redirection&ea=ok&el=levss-fun.xyz&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=9484089.1710548481&tid=UA-85255408-1&_gid=1820772830.1710548481&z=1455925313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flowvideoslot.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 02:49:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77542
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
479.4119cdf7f9953999e7d5.js
levss-fun.xyz/promos/register1/ 		92 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/promos/register1/479.4119cdf7f9953999e7d5.js
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d15bf2d25701bc0cbaa1b82881b957a7eb112be1a8e964b6cefa9b70df131d02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
last-modified
Fri, 15 Mar 2024 10:47:48 GMT
server
nginx
etag
"65f42754-17169"
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
94569
main.4119cdf7f9953999e7d5.js
levss-fun.xyz/promos/register1/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.js
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1396867668a500c8381c631d16028b7817d59674db64af618795d2dfa8712fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
last-modified
Fri, 15 Mar 2024 10:47:48 GMT
server
nginx
etag
"65f42754-4961"
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
18785
main.4119cdf7f9953999e7d5.css
levss-fun.xyz/promos/register1/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.css
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
71c65477b51daffbc285a5dac35b68ccbb88a2af15a6da1c400861587b68ffe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
last-modified
Fri, 15 Mar 2024 10:47:48 GMT
server
nginx
etag
"65f42754-284b"
content-type
text/css
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
10315
banner.12f23f3b9a74949a8156.webp
levss-fun.xyz/promos/register1/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levss-fun.xyz/promos/register1/images/banner.12f23f3b9a74949a8156.webp
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ef6c49689084a062b49ec3349c9b6b00120b18e2d33a2712ca2cb48d683df647

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
last-modified
Fri, 15 Mar 2024 10:47:48 GMT
server
nginx
etag
"65f42754-3720"
content-type
image/webp
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
14112
truncated
/ 		374 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7a54181c58da9e6253c4f2b9f787e42fca6cda21ce50546d1e524fa6d7a27a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72e6178a1c568da35bb6fd1439fdaa077a6498aa5cfb2ab08771f92c55073ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
bg-desk.0494936cea042cb5a82c.jpg
levss-fun.xyz/promos/register1/images/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levss-fun.xyz/promos/register1/images/bg-desk.0494936cea042cb5a82c.jpg
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1219b011182606b3777840880fecc602cd4e59f85c436424392a52b352195bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
last-modified
Fri, 15 Mar 2024 10:47:48 GMT
server
nginx
etag
"65f42754-2766a"
content-type
image/jpeg
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
161386
settings
levss-fun.xyz/api/v18/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/api/v18/settings
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
19e236cd06fcaf2bf26df82a090a555141ebcc12c0966a88f6e5dbaa18bf5ed8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-pcdn-sign
b70cd2b6c6e7d4e899f29a2db067c7d6

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
content-encoding
gzip
last-modified
Sat, 16 Mar 2024 00:21:24 GMT
server
nginx
x-pcdn-sign-pass
1
vary
Accept-Encoding, Origin, Content-Language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=120, public, s-maxage=120
link
<https://levss-fun.xyz/admin/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-pcdn-proxy-cache
EXPIRED
expires
Sat, 16 Mar 2024 00:23:24 GMT
settings
levss-fun.xyz/api/v18/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/api/v18/settings
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
19e236cd06fcaf2bf26df82a090a555141ebcc12c0966a88f6e5dbaa18bf5ed8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-pcdn-sign
b70cd2b6c6e7d4e899f29a2db067c7d6

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
content-encoding
gzip
last-modified
Sat, 16 Mar 2024 00:21:24 GMT
server
nginx
x-pcdn-sign-pass
1
vary
Accept-Encoding, Origin, Content-Language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=120, public, s-maxage=120
link
<https://levss-fun.xyz/admin/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-pcdn-proxy-cache
EXPIRED
expires
Sat, 16 Mar 2024 00:23:24 GMT
mwla-1.0.js
1.join2game.com/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.join2game.com/js/mwla-1.0.js
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::192c:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
af712758fc63863f53cb44cbffb087434356eabfcc3298067aedb986cec27e90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levss-fun.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
last-modified
Mon, 11 Mar 2024 15:04:21 GMT
server
nginx
etag
"65ef1d75-1249"
content-type
application/javascript
accept-ranges
bytes
content-length
4681
x-pcdn-proxy-cache
MISS
track
1.join2game.com/api/v18/ 		41 B
908 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1.join2game.com/api/v18/track
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::192c:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3a29d3a8f96618b5689f1b21fb26cd53f4aff14d2b67a907680b129188ef81ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://levss-fun.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-pcdn-sign
851b5fc7f3e741f9a9491caef8e338fb

Response headers

date
Sat, 16 Mar 2024 00:21:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://levss-fun.xyz
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender
cache-control
no-cache, private
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender
link
<https://1.join2game.com/admin/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-pcdn-proxy-cache
MISS
track
1.join2game.com/api/v18/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://1.join2game.com/api/v18/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::192c:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
x-pcdn-sign
Access-Control-Request-Method
GET
Origin
https://levss-fun.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
access-control-allow-origin
https://levss-fun.xyz
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 00:21:24 GMT
server
nginx
vary
Accept-Encoding Origin
x-frame-options
SAMEORIGIN
hits
1.join2game.com/api/v18/ Frame E279 		510 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1.join2game.com/api/v18/hits
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:3:d0::192c:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d0269440f8188bbf86379c8c69f9eec271e47cb00468e83dd327aae563c035b8

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://levss-fun.xyz
Referer
https://levss-fun.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
access-control-allow-origin
https://levss-fun.xyz
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token, x-pcdn-sign, x-pcdn-city, x-pcdn-state, x-pcdn-postcode, cache-control, upgrade-insecure-requests, x-prerender
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 00:21:24 GMT
link
<https://1.join2game.com/admin/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
server
nginx
vary
Accept-Encoding
page_open
levss-fun.xyz/api/v18/webhook/ 		26 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://levss-fun.xyz/api/v18/webhook/page_open
Requested by
Host: levss-fun.xyz
URL: https://levss-fun.xyz/promos/register1/main.4119cdf7f9953999e7d5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b0c0:2:d0::f1f:3001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b35b9264b97e135fed319953849ce5e95241f2e836f10e9a73bb7c9689113dba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

x-pcdn-sign
ff26952347a36789adf5db8c464cd9f6
Referer
https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 16 Mar 2024 00:21:25 GMT
content-encoding
gzip
x-pcdn-sign-pass
1
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, private
link
<https://levss-fun.xyz/admin/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| frameId string| apiHost string| apiUrl string| apiPath number| attempt object| cookieNames object| mwla string| eventMethod function| eventer string| messageEvent object| _params

16 Cookies

Domain/Path Name / Value
steam-auth.ru/ Name: PHPSESSID
Value: k33g5683dfror1os3f98pn1sot
.steam-auth.ru/ Name: _subid
Value: 2mtesg21h18jv
.steam-auth.ru/ Name: 64f87
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjc3OVwiOjE3MTA1NDg0ODB9LFwiY2FtcGFpZ25zXCI6e1wiMjE1XCI6MTcxMDU0ODQ4MH0sXCJ0aW1lXCI6MTcxMDU0ODQ4MH0ifQ.KlmDAHh8HMMBOxo6B3ijAthsOVVKKttHFcKrNEU0n2g
.steam-auth.ru/ Name: _token
Value: uuid_2mtesg21h18jv_2mtesg21h18jv65f4e6009ca675.21744313
.flowvideoslot.top/ Name: _ga
Value: GA1.2.9484089.1710548481
.flowvideoslot.top/ Name: _gid
Value: GA1.2.1820772830.1710548481
.flowvideoslot.top/ Name: _gat
Value: 1
.flowvideoslot.top/ Name: _ga_4THE8BZ9EY
Value: GS1.2.1710548481.1.0.1710548484.57.0.0
.levss-fun.xyz/ Name: aff
Value: fap_w39614p111_cpa_50_lev
.levss-fun.xyz/ Name: last_aff
Value: fap_w39614p111_cpa_50_lev
.levss-fun.xyz/ Name: tracker
Value: fap_w39614p111_cpa_50_lev
.levss-fun.xyz/ Name: utm_tags
Value: {"utm_term":"2mtesg21h18jv"}
.levss-fun.xyz/ Name: landingCode
Value: register1
1.join2game.com/ Name: gstId
Value: 6da4386d-7b3c-4d7d-86d7-4d6522b49aea
.1.join2game.com/ Name: tracker
Value: fap_w39614p111_cpa_50_lev
levss-fun.xyz/ Name: gstId
Value: 6da4386d-7b3c-4d7d-86d7-4d6522b49aea

3 Console Messages

Source Level URL
Text
other warning URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://levss-fun.xyz/promos/register1?ref=fap_w39614p111_cpa_50_lev&utm_term=2mtesg21h18jv
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.join2game.com
analytics.google.com
cazinosprofit.com
flowvideoslot.top
leocasino.xyz
levs-volatility.top
levss-fun.xyz
slotsgamble.xyz
stats.g.doubleclick.net
steam-auth.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
2606:4700:3037::ac43:98b3
2a00:1450:4001:800::200e
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:81d::200e
2a00:1450:400c:c0b::9b
2a03:b0c0:2:d0::f1f:3001
2a03:b0c0:3:d0::12b0:7001
2a03:b0c0:3:d0::145f:4001
2a03:b0c0:3:d0::192c:4001
2a03:b0c0:3:d0::1a47:9001
2a03:b0c0:3:d0::d94:2001
07b2a386b1a126966d74c6acf7f643873be7e6008018212d0e7847238d3a2361
1219b011182606b3777840880fecc602cd4e59f85c436424392a52b352195bcc
1396867668a500c8381c631d16028b7817d59674db64af618795d2dfa8712fde
19e236cd06fcaf2bf26df82a090a555141ebcc12c0966a88f6e5dbaa18bf5ed8
1ccce79d36924d83301aa8a4b690c2bad980318c11a6ff55b445bfe6ee1b83b3
1d0afb787e16bba36010a5f0211a1f953b484e9a5b957629ebed2b8715503985
1f2b1462544f7340668f6a202c1a5e8d175aef737da57e7396e36b62ec164af6
1f4c00bc6a0a0df8afc3e733e4f7932e055c3b479c20218f1feb8ee92e0f0afd
316169929e4b443d120ce3ceda1681177656030687c1d17bd859c942f9d3e811
363a80d367e6658e72d918cd33f9481ce7929199a9858122b0dcc61dffa62fde
3a29d3a8f96618b5689f1b21fb26cd53f4aff14d2b67a907680b129188ef81ed
4169624f32113f59fd74b5d1584a27795cfb02b10d3e556f31b8cf63e69fa0ec
4c7ab0d3b11cc0437c78d6e481d9615ee762eab312e2f1faeb2a7449c3eb7b9e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61d797156e4fa31da65937c5ffc89624ad7a3d9e10775efd7ff4ee83a843849f
71c65477b51daffbc285a5dac35b68ccbb88a2af15a6da1c400861587b68ffe6
739a2ef59d40e48950afadb1ac2f062a15b42a6b53c2a4f932212638c6b1ebd4
9010b26af353136c61cf768a8af3fbfbabed9deaf1562424b3b2272c7a977f60
a72e6178a1c568da35bb6fd1439fdaa077a6498aa5cfb2ab08771f92c55073ee
a7475de3f34c75f97fa328124fbe391c72b5cf61769e026fa1d609c99e13c61c
aa77f7759cc5da25cb4ddb59ac5abb4c9ad112e4a12ff24284fb0922569d7e5c
af712758fc63863f53cb44cbffb087434356eabfcc3298067aedb986cec27e90
b35b9264b97e135fed319953849ce5e95241f2e836f10e9a73bb7c9689113dba
bbdcd2ee1abec07c4c25511818b85923ef3ad72227456e0585fb9503ec30a2d0
c44027d25b73be691cf48eadc77675005ae89f459811f3814d6e458d0667b848
cf80d4806292ec757117fa1e08ad60a77777a9467618f3028e382cb72e06807b
d0269440f8188bbf86379c8c69f9eec271e47cb00468e83dd327aae563c035b8
d15bf2d25701bc0cbaa1b82881b957a7eb112be1a8e964b6cefa9b70df131d02
d7a54181c58da9e6253c4f2b9f787e42fca6cda21ce50546d1e524fa6d7a27a4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2c1509029b0eb666e2c1b9d069b2109bf0d1fd8ca83759d9638215b699401dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c49689084a062b49ec3349c9b6b00120b18e2d33a2712ca2cb48d683df647
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c