myvelkamdeluxe.com Open in urlscan Pro
2606:4700:3031::681f:44f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.va-bank.gmslotss.net/
Effective URL:
http://myvelkamdeluxe.com/?ref=failredir&p19009p246011p012e
Submission: On April 12 via automatic, source certstream-suspicious (April 12th 2020, 11:43:37 pm UTC)

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3031::681f:44f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is myvelkamdeluxe.com.

This is the only time myvelkamdeluxe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	86.106.93.254 86.106.93.254	44901 (BELCLOUD) (BELCLOUD)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1 3	51.89.99.89 51.89.99.89	16276 (OVH) (OVH)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 1	198.89.46.55 198.89.46.55	200449 (QRATOR-) (QRATOR-)
1	2606:4700:303... 2606:4700:3031::681f:44f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	5

12 86.106.93.254 (Sofia, Bulgaria)

ASN44901 (BELCLOUD, BG)

www.va-bank.gmslotss.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.99.89 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3163775.ip-51-89-99.eu

cdn.dmpcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.onedmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.89.46.55 (Dallas, United States) 1 redirects

ASN200449 (QRATOR-, CZ)

sochi.go-2.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681f:44f2 (United States)

ASN13335 (CLOUDFLARENET, US)

myvelkamdeluxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	gmslotss.net www.va-bank.gmslotss.net	427 KB
5	yandex.ru 1 redirects mc.yandex.ru	44 KB
2	onedmp.com 1 redirects c1.onedmp.com	2 KB
1	myvelkamdeluxe.com myvelkamdeluxe.com	616 B
1	go-2.link 1 redirects sochi.go-2.link	292 B
1	dmpcounter.com cdn.dmpcounter.com	10 KB
1	google-analytics.com www.google-analytics.com	18 KB
20	7

	Domain	Requested by
12	www.va-bank.gmslotss.net	www.va-bank.gmslotss.net
5	mc.yandex.ru	1 redirects www.va-bank.gmslotss.net mc.yandex.ru
2	c1.onedmp.com	1 redirects www.va-bank.gmslotss.net
1	myvelkamdeluxe.com	www.va-bank.gmslotss.net
1	sochi.go-2.link	1 redirects
1	cdn.dmpcounter.com	www.va-bank.gmslotss.net
1	www.google-analytics.com	www.va-bank.gmslotss.net
20	7

This site contains no links.

Subject Issuer	Validity	Valid
va-bank.gmslotss.net cPanel, Inc. Certification Authority	`2020-01-27` - `2020-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
cdn.dmpcounter.com Let's Encrypt Authority X3	`2020-03-10` - `2020-06-08`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
c2.onedmp.com Let's Encrypt Authority X3	`2020-03-10` - `2020-06-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://myvelkamdeluxe.com/?ref=failredir&p19009p246011p012e
Frame ID: AC93CBBA73A880BCCA3893EBC66367AE
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.va-bank.gmslotss.net/ Page URL
https://sochi.go-2.link/go/PgGl?p19009p246011p012e HTTP 302
http://myvelkamdeluxe.com/?ref=failredir&p19009p246011p012e Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

5
IPs

5
Countries

498 kB
Transfer

723 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.va-bank.gmslotss.net/ Page URL
https://sochi.go-2.link/go/PgGl?p19009p246011p012e HTTP 302
http://myvelkamdeluxe.com/?ref=failredir&p19009p246011p012e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://c1.onedmp.com/c/?cmd=0051&e=hit&url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&title=%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B8%D0%B3%D1%80%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%8B%20Igrosoft%2CPlayson%2CNovomatic%2CNetEnt%2CBelatra&p=jg-vb&pc=ld-ps-no-bonus500&ts=1586734987452&tsh=0412234307&screen=1600x1200&webgl=disabled&mobile=0&browser=Chrome&browserver=74.0.3729.169&os=Mac%20OS%2010.14.5&v=7&delay=1 HTTP 301
https://c1.onedmp.com/c/?cmd=0051&e=hit&url=https://www.va-bank.gmslotss.net/&title=%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B8%D0%B3%D1%80%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%8B%20Igrosoft,Playson,Novomatic,NetEnt,Belatra&p=jg-vb&pc=ld-ps-no-bonus500&ts=1586734987452&tsh=0412234307&screen=1600x1200&webgl=disabled&mobile=0&browser=Chrome&browserver=74.0.3729.169&os=Mac%20OS%2010.14.5&v=7&delay=1&turnback=1

Request Chain 16

https://mc.yandex.ru/watch/25007714?wmode=7&page-url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586734986687%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200413014307%3Aet%3A1586734987%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A587525870%3Ahid%3A684261408%3Ads%3A24%2C146%2C52%2C1%2C0%2C0%2C0%2C361%2C2%2C%2C%2C%2C587%3Afp%3A372%3Awn%3A44004%3Ahl%3A2%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586734987%3Au%3A1586734987760746048%3At%3A%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B8%D0%B3%D1%80%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%8B%20Igrosoft%2CPlayson%2CNovomatic%2CNetEnt%2CBelatra HTTP 302
https://mc.yandex.ru/watch/25007714/1?wmode=7&page-url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586734986687%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200413014307%3Aet%3A1586734987%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A587525870%3Ahid%3A684261408%3Ads%3A24%2C146%2C52%2C1%2C0%2C0%2C0%2C361%2C2%2C%2C%2C%2C587%3Afp%3A372%3Awn%3A44004%3Ahl%3A2%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586734987%3Au%3A1586734987760746048%3At%3A%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B8%D0%B3%D1%80%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%8B%20Igrosoft%2CPlayson%2CNovomatic%2CNetEnt%2CBelatra

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.va-bank.gmslotss.net/ 24 KB
6 KB 223ms
52ms Document
text/html 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f55295dd9150b8fc0c2c61ccf4a81ecb422ac6c6f44ff37f943c3bf7547bc4a4

Request headers

:method: GET
:authority: www.va-bank.gmslotss.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: public, max-age=2592000
expires: Tue, 12 May 2020 23:43:06 GMT
content-type: text/html
last-modified: Fri, 12 Jul 2019 14:02:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5505
date: Sun, 12 Apr 2020 23:43:06 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000

GET
H2 200 style.min.css
www.va-bank.gmslotss.net/index_files/ 6 KB
2 KB 125ms
124ms Stylesheet
text/css 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/index_files/style.min.css
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 14b80cf791a367412bb65ec05867398f295860ea31661ab0058abf4f948748f0

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:06 GMT
content-encoding: br
last-modified: Wed, 05 Oct 2016 02:53:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1574
expires: Tue, 12 May 2020 23:43:06 GMT

GET
H2 200 dmp.js Show response
www.va-bank.gmslotss.net/index_files/ 15 KB
5 KB 135ms
134ms Script
application/javascript 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/index_files/dmp.js
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 19011ff65102f432fafec3b8b3a285ee6d6988a6861636eeb811bd58d1ad996e

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
content-encoding: br
last-modified: Wed, 05 Oct 2016 02:53:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5331
expires: Sun, 19 Apr 2020 23:43:07 GMT

GET
H2 200 analytics.js Show response
www.va-bank.gmslotss.net/index_files/ 26 KB
10 KB 225ms
224ms Script
application/javascript 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/index_files/analytics.js
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f60215f414d0fe15f67add69ee8500a49f4234b24f13c8ff0ccbff69a5b22c33

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
content-encoding: br
last-modified: Wed, 05 Oct 2016 02:53:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10638
expires: Sun, 19 Apr 2020 23:43:07 GMT

GET
H2 200 logo-vabank.png
www.va-bank.gmslotss.net/index_files/ 5 KB
5 KB 224ms
223ms Image
image/png 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.va-bank.gmslotss.net/index_files/logo-vabank.png
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a38665f0a0bacc964e11e0498f9c4eac1865ac2a0d96bb4806daa29f6a2078ad

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
last-modified: Wed, 05 Oct 2016 02:53:48 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5493
expires: Mon, 12 Apr 2021 23:43:07 GMT

GET
H2 200 jquery.min.js Show response
www.va-bank.gmslotss.net/index_files/ 82 KB
28 KB 98ms
98ms Script
application/javascript 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/index_files/jquery.min.js
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
content-encoding: br
last-modified: Wed, 05 Oct 2016 02:53:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28817
expires: Sun, 19 Apr 2020 23:43:07 GMT

GET
H2 200 main.min.js Show response
www.va-bank.gmslotss.net/index_files/ 175 B
207 B 225ms
224ms Script
application/javascript 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/index_files/main.min.js
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7a2d85c3e9f02ffdcdf53cdee26edf6f7aec453cec7da2d482102f440f0a74ac

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
last-modified: Wed, 05 Oct 2016 02:53:46 GMT
server: LiteSpeed
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 175
expires: Sun, 19 Apr 2020 23:43:07 GMT

GET
H2 200 base.js Show response
www.va-bank.gmslotss.net/index_files/ 7 KB
2 KB 225ms
224ms Script
application/javascript 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/index_files/base.js
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 88c1513eb75792be59bc2d555ee9fe9837236dda2e85a68afc0dc3ae6b88e7cf

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
content-encoding: br
last-modified: Wed, 05 Oct 2016 02:53:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2151
expires: Sun, 19 Apr 2020 23:43:07 GMT

GET
H2 200 bg.jpg
www.va-bank.gmslotss.net/ 311 KB
311 KB 223ms
222ms Image
image/jpeg 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.va-bank.gmslotss.net/bg.jpg
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c7f78dfd6f3c2399d67e350b4babb8c98f9fee248be3d196795339cb458e3c03

Request headers

Referer: https://www.va-bank.gmslotss.net/index_files/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
last-modified: Wed, 05 Oct 2016 02:53:40 GMT
server: LiteSpeed
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 318452
expires: Mon, 12 Apr 2021 23:43:07 GMT

GET
H2 200 helveticaneueltcyr-bdcond-webfont.woff2
www.va-bank.gmslotss.net/fonts/ 18 KB
18 KB 142ms
141ms Font
font/woff2 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/fonts/helveticaneueltcyr-bdcond-webfont.woff2
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f71dae48b1a537f3984e70cb09001519fcbfdc4a98165674f64bcd1fb9ff5dd9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.va-bank.gmslotss.net/index_files/style.min.css
Origin: https://www.va-bank.gmslotss.net

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
last-modified: Wed, 05 Oct 2016 02:53:44 GMT
server: LiteSpeed
content-type: font/woff2
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 18640
expires: Tue, 12 May 2020 23:43:07 GMT

GET
H2 200 helveticaneueltcyr-cond-webfont.woff2
www.va-bank.gmslotss.net/fonts/ 19 KB
19 KB 180ms
179ms Font
font/woff2 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/fonts/helveticaneueltcyr-cond-webfont.woff2
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e5f73ba1ffbfd46db6b354df2c87bd043fcb8f8f1aa3b0e2ec48c8c0b9caf647

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.va-bank.gmslotss.net/index_files/style.min.css
Origin: https://www.va-bank.gmslotss.net

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
last-modified: Wed, 05 Oct 2016 02:53:44 GMT
server: LiteSpeed
content-type: font/woff2
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 19536
expires: Tue, 12 May 2020 23:43:07 GMT

GET
H2 200 helveticaneueltcyr-mdcond-webfont.woff2
www.va-bank.gmslotss.net/fonts/ 20 KB
20 KB 210ms
210ms Font
font/woff2 86.106.93.254
BELCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.va-bank.gmslotss.net/fonts/helveticaneueltcyr-mdcond-webfont.woff2
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 86.106.93.254 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cd67ea6456cca58a8cf2275d48e76f63d68f34e43a14294f0066efd72cd22ece

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.va-bank.gmslotss.net/index_files/style.min.css
Origin: https://www.va-bank.gmslotss.net

Response headers

date: Sun, 12 Apr 2020 23:43:07 GMT
last-modified: Wed, 05 Oct 2016 02:53:44 GMT
server: LiteSpeed
content-type: font/woff2
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 20024
expires: Tue, 12 May 2020 23:43:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/index_files/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 271
date: Sun, 12 Apr 2020 23:38:36 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 13 Apr 2020 01:38:36 GMT

GET
H/1.1 200
OK dmp.js Show response
cdn.dmpcounter.com/s/ 10 KB
10 KB 172ms
30ms Script
application/javascript 51.89.99.89
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmpcounter.com/s/dmp.js
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/index_files/base.js
Protocol: HTTP/1.1
Security: TLS 1.0, ECDHE_RSA, AES_128_CBC
Server: 51.89.99.89 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3163775.ip-51-89-99.eu
Software: nginx/1.12.2 /
Resource Hash: d6464582b9c1db5eb0c17397633fb41f6e5e9f4f1918b3c507874981846ae916

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 23:43:07 GMT
Last-Modified: Fri, 24 Nov 2017 16:40:09 GMT
Server: nginx/1.12.2
ETag: "5a184b69-278d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-time: 1586734987.438
Content-Length: 10125

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 135 KB
40 KB 134ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

a160fd1060c77d86dcf2601dd586bb11d94c02628225a3008347bef00d14fc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 23:43:07 GMT
Content-Encoding: br
Last-Modified: Fri, 10 Apr 2020 13:44:18 GMT
Server: nginx/1.14.2
ETag: "5e907832-9eef"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 40687
Expires: Mon, 13 Apr 2020 00:43:07 GMT

GET
H/1.1

200
OK

/
c1.onedmp.com/c/
Redirect Chain

https://c1.onedmp.com/c/?cmd=0051&e=hit&url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&title=%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0...
https://c1.onedmp.com/c/?cmd=0051&e=hit&url=https://www.va-bank.gmslotss.net/&title=%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D...

119 B
511 B

32ms
31ms

Image
image/png

51.89.99.89
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.onedmp.com/c/?cmd=0051&e=hit&url=https://www.va-bank.gmslotss.net/&title=%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B8%D0%B3%D1%80%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%8B%20Igrosoft,Playson,Novomatic,NetEnt,Belatra&p=jg-vb&pc=ld-ps-no-bonus500&ts=1586734987452&tsh=0412234307&screen=1600x1200&webgl=disabled&mobile=0&browser=Chrome&browserver=74.0.3729.169&os=Mac%20OS%2010.14.5&v=7&delay=1&turnback=1
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: HTTP/1.1
Security: TLS 1.0, ECDHE_RSA, AES_256_CBC
Server: 51.89.99.89 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3163775.ip-51-89-99.eu
Software: nginx/1.12.2 /
Resource Hash: 603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 23:43:07 GMT
Server: nginx/1.12.2
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Transfer-Encoding: 8bit
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: image/png
X-time: 1586734987.614
Content-Length: 119
Access-Control-Allow-Method: GET,POST

Redirect headers

Date: Sun, 12 Apr 2020 23:43:07 GMT
Last-Modified: DMPXpOni4QTZlIByNhB
Server: nginx/1.12.2
Location: https://c1.onedmp.com/c/?cmd=0051&e=hit&url=https://www.va-bank.gmslotss.net/&title=ÐÐ° Ð±Ð°Ð½Ðº ÐºÐ°Ð·Ð¸Ð½Ð¾ Ð¾Ð½Ð»Ð°Ð¹Ð½ - Ð¸Ð³ÑÐ°ÑÑ Ð² Ð¸Ð³ÑÐ¾Ð²ÑÐµ Ð°Ð²ÑÐ¾Ð¼Ð°ÑÑ Igrosoft,Playson,Novomatic,NetEnt,Belatra&p=jg-vb&pc=ld-ps-no-bonus500&ts=1586734987452&tsh=0412234307&screen=1600x1200&webgl=disabled&mobile=0&browser=Chrome&browserver=74.0.3729.169&os=Mac OS 10.14.5&v=7&delay=1&turnback=1
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-time: 1586734987.582
Access-Control-Allow-Method: GET,POST

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/25007714/
Redirect Chain

https://mc.yandex.ru/watch/25007714?wmode=7&page-url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586734986687%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A...
https://mc.yandex.ru/watch/25007714/1?wmode=7&page-url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586734986687%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%...

114 B
674 B

87ms
46ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/25007714/1?wmode=7&page-url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586734986687%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200413014307%3Aet%3A1586734987%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A587525870%3Ahid%3A684261408%3Ads%3A24%2C146%2C52%2C1%2C0%2C0%2C0%2C361%2C2%2C%2C%2C%2C587%3Afp%3A372%3Awn%3A44004%3Ahl%3A2%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586734987%3Au%3A1586734987760746048%3At%3A%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B8%D0%B3%D1%80%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%8B%20Igrosoft%2CPlayson%2CNovomatic%2CNetEnt%2CBelatra

Requested by

Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

d85656c079991c2103e2ada2ea01204a0065f9a0a04ea5fae550d6ec0cdc1df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Apr 2020 23:43:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12-Apr-2020 23:43:07 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.va-bank.gmslotss.net
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 114
X-XSS-Protection: 1; mode=block
Expires: Sun, 12-Apr-2020 23:43:07 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 12 Apr 2020 23:43:07 GMT
Last-Modified: Sun, 12-Apr-2020 23:43:07 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://www.va-bank.gmslotss.net
Strict-Transport-Security: max-age=31536000
Location: /watch/25007714/1?wmode=7&page-url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586734986687%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200413014307%3Aet%3A1586734987%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A587525870%3Ahid%3A684261408%3Ads%3A24%2C146%2C52%2C1%2C0%2C0%2C0%2C361%2C2%2C%2C%2C%2C587%3Afp%3A372%3Awn%3A44004%3Ahl%3A2%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586734987%3Au%3A1586734987760746048%3At%3A%D0%92%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B8%D0%B3%D1%80%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%8B%20Igrosoft%2CPlayson%2CNovomatic%2CNetEnt%2CBelatra
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 12-Apr-2020 23:43:07 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 85ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 12 Apr 2020 23:43:07 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 13 Apr 2020 00:43:07 GMT

GET
H/1.1

404
Not Found

Primary Request

Cookie set / Show response
myvelkamdeluxe.com/
Redirect Chain

https://sochi.go-2.link/go/PgGl?p19009p246011p012e
http://myvelkamdeluxe.com/?ref=failredir&p19009p246011p012e

564 B
616 B

63ms
36ms

Document
text/html

2606:4700:3031::681f:44f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://myvelkamdeluxe.com/?ref=failredir&p19009p246011p012e
Requested by: Host: www.va-bank.gmslotss.net
URL: https://www.va-bank.gmslotss.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::681f:44f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Host: myvelkamdeluxe.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.va-bank.gmslotss.net/

Response headers

Date: Sun, 12 Apr 2020 23:43:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dea65dd473e15021c05bb3187e05d7d451586734990; expires=Tue, 12-May-20 23:43:10 GMT; path=/; domain=.myvelkamdeluxe.com; HttpOnly; SameSite=Lax
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 5830ced8da27bf0f-FRA
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 12 Apr 2020 23:43:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 10
Connection: keep-alive
LOCATION: http://myvelkamdeluxe.com?ref=failredir&p19009p246011p012e
Cache-Control: no-cache, max-age=0, must-revalidate, no-store

POST
H/1.1 200
OK 25007714
mc.yandex.ru/webvisor/ 43 B
547 B 41ms
41ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/25007714?wmode=0&rn=284123735&page-url=https%3A%2F%2Fwww.va-bank.gmslotss.net%2F&wv-type=0&wv-hit=684261408&wv-part=1&wv-check=13964&force-urlencoded=1&browser-info=ti%3A1%3Av%3A1834%3Az%3A120%3Ai%3A20200413014307%3Ast%3A1586734990%3Au%3A1586734987760746048

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.va-bank.gmslotss.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 12 Apr 2020 23:43:10 GMT
Last-Modified: Sun, 12-Apr-2020 23:43:10 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.va-bank.gmslotss.net
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 12-Apr-2020 23:43:10 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.myvelkamdeluxe.com/	1970-01-19 09:28:46	Name: __cfduid Value: dea65dd473e15021c05bb3187e05d7d451586734990

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.onedmp.com
cdn.dmpcounter.com
mc.yandex.ru
myvelkamdeluxe.com
sochi.go-2.link
www.google-analytics.com
www.va-bank.gmslotss.net
198.89.46.55
2606:4700:3031::681f:44f2
2a00:1450:4001:817::200e
2a02:6b8::1:119
51.89.99.89
86.106.93.254
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
14b80cf791a367412bb65ec05867398f295860ea31661ab0058abf4f948748f0
19011ff65102f432fafec3b8b3a285ee6d6988a6861636eeb811bd58d1ad996e
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
7a2d85c3e9f02ffdcdf53cdee26edf6f7aec453cec7da2d482102f440f0a74ac
88c1513eb75792be59bc2d555ee9fe9837236dda2e85a68afc0dc3ae6b88e7cf
a160fd1060c77d86dcf2601dd586bb11d94c02628225a3008347bef00d14fc95
a38665f0a0bacc964e11e0498f9c4eac1865ac2a0d96bb4806daa29f6a2078ad
c7f78dfd6f3c2399d67e350b4babb8c98f9fee248be3d196795339cb458e3c03
cd67ea6456cca58a8cf2275d48e76f63d68f34e43a14294f0066efd72cd22ece
d6464582b9c1db5eb0c17397633fb41f6e5e9f4f1918b3c507874981846ae916
d85656c079991c2103e2ada2ea01204a0065f9a0a04ea5fae550d6ec0cdc1df5
e5f73ba1ffbfd46db6b354df2c87bd043fcb8f8f1aa3b0e2ec48c8c0b9caf647
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f55295dd9150b8fc0c2c61ccf4a81ecb422ac6c6f44ff37f943c3bf7547bc4a4
f60215f414d0fe15f67add69ee8500a49f4234b24f13c8ff0ccbff69a5b22c33
f71dae48b1a537f3984e70cb09001519fcbfdc4a98165674f64bcd1fb9ff5dd9

myvelkamdeluxe.com Open in urlscan Pro 2606:4700:3031::681f:44f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

50 %IPv6

7 Domains

7 Subdomains

5 IPs

5 Countries

498 kBTransfer

723 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

myvelkamdeluxe.com Open in urlscan Pro
2606:4700:3031::681f:44f2 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

5
IPs

5
Countries

498 kB
Transfer

723 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions