www.windowscasinocash.com Open in urlscan Pro
109.203.100.23  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.windowscasinocash.com/	10 KB 11 KB	283ms 36ms	Document text/html	109.203.100.23 NODE4-AS
General Check archive.org Show headers Download Go to Full URL http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software Apache / Resource Hash 007b970551facdd9f8fdaa039d32ef2722894151db3fe42a078722ec2d89cbe7 Request headers Host www.windowscasinocash.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Server Apache Last-Modified Mon, 05 Oct 2015 15:39:53 GMT Accept-Ranges bytes Content-Length 10551 Connection close Content-Type text/html
GET H/1.1	200 OK	xsp_styles.css www.windowscasinocash.com/	7 KB 7 KB	51ms 28ms	Stylesheet text/css	109.203.100.23 NODE4-AS
General Check archive.org Show headers Download Go to Full URL http://www.windowscasinocash.com/xsp_styles.css Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software Apache / Resource Hash 3bcb99d36228e10c9db3e887b9e462dcb31d1db17b7bbcc654338eb8006a0e85 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.windowscasinocash.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://www.windowscasinocash.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Sat, 14 Dec 2013 18:21:43 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 7351 Content-Type text/css
GET H/1.1	200 OK	WINDOWCASINO.png www.windowscasinocash.com/images/	365 KB 365 KB	60ms 37ms	Image image/png	109.203.100.23 NODE4-AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.windowscasinocash.com/images/WINDOWCASINO.png Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software Apache / Resource Hash f810d7f8b48bd41af7ceb34895887dd38893f64e79619b5e8bdfecbfb09bea46 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.windowscasinocash.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.windowscasinocash.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Sat, 14 Dec 2013 18:22:28 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 373371 Content-Type image/png
GET H/1.1	200 OK	g1.gif www.banner-secure.com/images/	84 KB 85 KB	357ms 181ms	Image image/gif	23.229.227.38 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://www.banner-secure.com/images/g1.gif Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 23.229.227.38 Las Vegas, United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS ip-23-229-227-38.ip.secureserver.net Software Apache / Resource Hash ddd544dd181fbac79e6eab239245de5cca1ca0c7738089ffb11be6d6e1aca13a Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Fri, 26 Mar 2021 22:08:41 GMT Server Apache ETag "b0210fe-150cf-5be77c654c6b5" Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/gif Keep-Alive timeout=5, max=100 Content-Length 86223
GET H/1.1	200 OK	g2.gif www.banner-secure.com/images/	15 KB 16 KB	351ms 178ms	Image image/gif	23.229.227.38 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://www.banner-secure.com/images/g2.gif Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 23.229.227.38 Las Vegas, United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS ip-23-229-227-38.ip.secureserver.net Software Apache / Resource Hash c7da371d7c24b47a99055cf54826d53ddd2c57e14bcb2f7e166a1ecac2053429 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Thu, 23 Nov 2017 20:33:18 GMT Server Apache ETag "b02deee-3d20-55eac58aaa7dc" Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/gif Keep-Alive timeout=5, max=100 Content-Length 15648
GET H/1.1	200 OK	g3.gif www.banner-secure.com/images/	23 KB 23 KB	347ms 173ms	Image image/gif	23.229.227.38 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://www.banner-secure.com/images/g3.gif Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 23.229.227.38 Las Vegas, United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS ip-23-229-227-38.ip.secureserver.net Software Apache / Resource Hash 72720c1d118ddd6edf26104cc1e529710febec3594a5a8c241da6c9e1dda7844 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Wed, 13 Sep 2017 23:44:34 GMT Server Apache ETag "b02de41-5ac2-5591abdf54f87" Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/gif Keep-Alive timeout=5, max=100 Content-Length 23234
GET H/1.1	200 OK	1_22.png www.banner-tracking.com/images/888/	2 KB 2 KB	305ms 277ms	Image image/png	172.67.199.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.banner-tracking.com/images/888/1_22.png Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 172.67.199.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b23620c6070cf66803ce99e8c862fa4f779ce228d3088cbd7ca20848bf904cf Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT CF-Cache-Status MISS last-modified Wed, 06 Nov 2013 21:36:22 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7OVo3la0qI6G9jH4QRH8xjiLcb3hnf86JtPPeDoqTyNKlgvltNHwf8DQ6mcn%2Br3gV880uSCU%2FRWzvnck52WssB2wCayHnaN4l4jrcXB6l%2Fx1s3vR4dz35fcAFvwYvdKOVrYmUTpvYuS1Q%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 69f9058e3b0c3b7f-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 1616
GET H/1.1	200 OK	CASINO88.jpg www.banner-tracking.com/images/888/	31 KB 31 KB	416ms 382ms	Image image/jpeg	172.67.199.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.banner-tracking.com/images/888/CASINO88.jpg Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 172.67.199.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20e1fabd4d2cfeca9ed1151d8c25113640f6abe9e9e43d018b4b419f8f514191 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT CF-Cache-Status MISS last-modified Tue, 04 Apr 2017 15:34:08 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYvIUTF8RsFNFinCRIc6oNAL87z71Hu7uNaPHhJJYQVFToLL0%2BV3vXxXh4DY9NMZW%2FKOrt7fpWaFKJntqTCrSqgCTHzrFV%2F5wTo9fOyaD49cWsEKOieJcK4R2Euk6p1gqRrYGXcsf%2FBZNQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 69f9058e3f483bd4-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 31272
GET H/1.1	200 OK	1window138.jpg www.windowscasinocash.com/images/	182 KB 182 KB	60ms 33ms	Image image/jpeg	109.203.100.23 NODE4-AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.windowscasinocash.com/images/1window138.jpg Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software Apache / Resource Hash 18f6aa9dfbf69c0ef02c0e6a7ba355220b5d96f6ad2525de6f3db8af2a3797d4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.windowscasinocash.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.windowscasinocash.com/ Cookie popunder=yes Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Sat, 14 Dec 2013 18:22:18 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 186592 Content-Type image/jpeg
GET H/1.1	200 OK	widowcasinocash.jpg www.windowscasinocash.com/images/	155 KB 155 KB	68ms 40ms	Image image/jpeg	109.203.100.23 NODE4-AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.windowscasinocash.com/images/widowcasinocash.jpg Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software Apache / Resource Hash 0500c29b5bcfd9338683e63cc6fad86974e6b643086b351257e5f2e68713b461 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.windowscasinocash.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.windowscasinocash.com/ Cookie popunder=yes Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Sat, 14 Dec 2013 18:22:14 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 158978 Content-Type image/jpeg
GET H/1.1	200 OK	138SUNGAMECASINOS.gif www.windowscasinocash.com/images/	11 KB 11 KB	63ms 33ms	Image image/gif	109.203.100.23 NODE4-AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.windowscasinocash.com/images/138SUNGAMECASINOS.gif Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software Apache / Resource Hash d1f0f9c8277415f3fbda1dd97c6bb242d68a19cf8e3fa13b39720ea93b548be0 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.windowscasinocash.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.windowscasinocash.com/ Cookie popunder=yes Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Sat, 14 Dec 2013 18:21:45 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 10806 Content-Type image/gif
GET H/1.1	200 OK	twitter.png www.windowscasinocash.com/images/	1 KB 1 KB	61ms 31ms	Image image/png	109.203.100.23 NODE4-AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.windowscasinocash.com/images/twitter.png Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB), Reverse DNS Software Apache / Resource Hash bcf2410bf66e08f6791f6721403c2e63162128836c512eba8b484a060dfccfdb Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.windowscasinocash.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.windowscasinocash.com/ Cookie popunder=yes Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT Last-Modified Sat, 14 Dec 2013 18:21:26 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 1176 Content-Type image/png
GET H/1.1	200 OK	02casino.gif www.banner-tracking.com/images/GENERIC/	7 KB 8 KB	276ms 267ms	Image image/gif	172.67.199.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.banner-tracking.com/images/GENERIC/02casino.gif Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol HTTP/1.1 Server 172.67.199.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22d2cd9532f9da452242cfab08abdb82ac36f28db73e54a6ec37a5f40c655c2f Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:00:10 GMT CF-Cache-Status MISS last-modified Wed, 02 Sep 2015 12:55:02 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT6JdXPYpoBB046m10KzpOPPZObadMlRBWTDs5OvJlLsvZLNyHbTtYVoZoeaHn9B1ip4XFfX2VdJzfcq4CLgHWqDwl3%2FQoUzf7C2G9i0Y2GjA8kqeTBCZCchnUesotAWAa7PYrq04utNpQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 69f9058e3ce039d5-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 7341
GET H2	200	plusone.js Show response apis.google.com/js/	52 KB 21 KB	99ms 50ms	Script application/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: www.windowscasinocash.com URL: http://www.windowscasinocash.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software ESF / Resource Hash cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-7KFW5yw0ptMIFAV0YpcZyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 11:00:10 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF etag "c34d224d0ee061f3752d1f91e397a052" x-frame-options SAMEORIGIN report-to {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-7KFW5yw0ptMIFAV0YpcZyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt" expires Sun, 17 Oct 2021 11:00:10 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/	147 KB 51 KB	21ms 21ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash 2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 22:36:42 GMT content-encoding gzip x-content-type-options nosniff age 390208 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51514 x-xss-protection 0 last-modified Fri, 10 Sep 2021 23:24:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="social-frontend-mpm-access" expires Wed, 12 Oct 2022 22:36:42 GMT
GET H2	200	cb=gapi.loaded_1 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/	96 KB 33 KB	41ms 40ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1 Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 22:10:16 GMT content-encoding gzip x-content-type-options nosniff age 391794 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33901 x-xss-protection 0 last-modified Fri, 10 Sep 2021 23:24:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="social-frontend-mpm-access" expires Wed, 12 Oct 2022 22:10:16 GMT
GET H2	404	fastbutton Show response apis.google.com/u/0/se/0/_/+1/ Frame 81D8	2 KB 2 KB	41ms 40ms	Document text/html	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&origin=http%3A%2F%2Fwww.windowscasinocash.com&url=http%3A%2F%2Fwww.windowscasinocash.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software / Resource Hash ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8 Request headers :method GET :authority apis.google.com :scheme https :path /u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&origin=http%3A%2F%2Fwww.windowscasinocash.com&url=http%3A%2F%2Fwww.windowscasinocash.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.windowscasinocash.com/ accept-encoding gzip, deflate, br cookie NID=511=Bc0HEb6ZGg0q1A9m9RvNm7vcC9VqIg_JZTo3ESFIZzzSrMkYTT2IOIKRpM4HleRk6Zw7fsUVXP56160d4bM9zXy0vk_cW_OeLYKZpHhBYdjyLv9GNsWc4qCck1SrBPSDdjZ9S1XxwaDNIg0YwdqoTZvqEhWZM-vogBbyCJDFEcg Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ Response headers content-type text/html; charset=UTF-8 referrer-policy no-referrer content-length 1585 date Sun, 17 Oct 2021 11:00:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	postmessageRelay Show response accounts.google.com/o/oauth2/ Frame C9BD	566 B 878 B	86ms 31ms	Document text/html	142.250.185.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.windowscasinocash.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.141 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f13.1e100.net Software ESF / Resource Hash 6afcf3879da0c788cfe3f5fd9cbbfe1a785544df6032de56e76559826998622e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IDFYkurNqdvaoFszSqFbSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority accounts.google.com :scheme https :path /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.windowscasinocash.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.windowscasinocash.com/ accept-encoding gzip, deflate, br cookie NID=511=Bc0HEb6ZGg0q1A9m9RvNm7vcC9VqIg_JZTo3ESFIZzzSrMkYTT2IOIKRpM4HleRk6Zw7fsUVXP56160d4bM9zXy0vk_cW_OeLYKZpHhBYdjyLv9GNsWc4qCck1SrBPSDdjZ9S1XxwaDNIg0YwdqoTZvqEhWZM-vogBbyCJDFEcg Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.windowscasinocash.com/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 17 Oct 2021 11:00:10 GMT content-security-policy script-src 'report-sample' 'nonce-IDFYkurNqdvaoFszSqFbSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	googlelogo_color_150x54dp.png www.google.com/images/branding/googlelogo/1x/ Frame 81D8	3 KB 4 KB	87ms 32ms	Image image/png	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png Requested by Host: apis.google.com URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&origin=http%3A%2F%2Fwww.windowscasinocash.com&url=http%3A%2F%2Fwww.windowscasinocash.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software sffe / Resource Hash dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://apis.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 11:00:10 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:30:00 GMT server sffe report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control private, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3170 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 17 Oct 2021 11:00:10 GMT
GET H2	200	2607672972-postmessagerelay.js Show response ssl.gstatic.com/accounts/o/ Frame C9BD	10 KB 5 KB	71ms 20ms	Script text/javascript	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/2607672972-postmessagerelay.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.windowscasinocash.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash 8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 08:47:45 GMT content-encoding gzip x-content-type-options nosniff age 180745 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4308 x-xss-protection 0 last-modified Thu, 07 Oct 2021 02:16:30 GMT server sffe vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="federated-signon-mpm-access" expires Sat, 15 Oct 2022 08:47:45 GMT
GET H3	200	rpc:shindig_random.js Show response apis.google.com/js/ Frame C9BD	13 KB 5 KB	66ms 65ms	Script application/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/rpc:shindig_random.js?onload=init Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.windowscasinocash.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software ESF / Resource Hash 87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-q33g6sWE61dFubxGrY9tpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 11:00:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF etag "9c5a8574bdf283ce8259de0154ce003e" x-frame-options SAMEORIGIN report-to {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-q33g6sWE61dFubxGrY9tpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt" expires Sun, 17 Oct 2021 11:00:10 GMT
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame C9BD	50 KB 18 KB	25ms 25ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash 8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 10:06:57 GMT content-encoding gzip x-content-type-options nosniff age 175993 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18128 x-xss-protection 0 last-modified Fri, 10 Sep 2021 23:24:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="social-frontend-mpm-access" expires Sat, 15 Oct 2022 10:06:57 GMT

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster string| popunder string| winfeatures number| once_per_session function| get_cookie function| loadornot function| loadpopunder object| win2 object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.windowscasinocash.com/	1969-12-31 23:59:59	Name: popunder Value: yes
			.google.com/	1970-01-20 02:24:39	Name: NID Value: 511=Bc0HEb6ZGg0q1A9m9RvNm7vcC9VqIg_JZTo3ESFIZzzSrMkYTT2IOIKRpM4HleRk6Zw7fsUVXP56160d4bM9zXy0vk_cW_OeLYKZpHhBYdjyLv9GNsWc4qCck1SrBPSDdjZ9S1XxwaDNIg0YwdqoTZvqEhWZM-vogBbyCJDFEcg
			www.secure-enter.com/	1970-01-19 22:44:20	Name: prli_click_17 Value: casinos-bonus
			www.secure-enter.com/	1970-01-20 06:46:44	Name: prli_visitor Value: 616c023b9e077
			record.superiorshare.com/	1970-01-20 06:46:44	Name: VID1 Value: Jy0jKFIsQzxYLUBgYApgCg%3D%3D
			.superiorshare.com/	1970-01-20 06:46:44	Name: ZBan Value: 7BHO8CM37ZxSKv1x3gBB7GNd7ZgqdRLk
			.luckytigerpromo.com/	1970-01-19 22:44:20	Name: lt_tr_token Value: 7BHO8CM37ZxSKv1x3gBB7GNd7ZgqdRLk
			.luckytigerpromo.com/	1970-01-19 22:44:20	Name: lt_tr_affId Value: 20
			luckytigerpromo.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d08ea557bd9d53bc7ddf596caa563c17
			.luckytigerpromo.com/	1970-01-20 15:32:20	Name: _ga Value: GA1.2.1554552117.1634468413
			.luckytigerpromo.com/	1970-01-19 22:02:34	Name: _gid Value: GA1.2.341172674.1634468413
			.luckytigerpromo.com/	1970-01-19 22:01:08	Name: _gat_UA-157439692-5 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&origin=http%3A%2F%2Fwww.windowscasinocash.com&url=http%3A%2F%2Fwww.windowscasinocash.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1634468410710&_gfid=I0_1634468410710&parent=http%3A%2F%2Fwww.windowscasinocash.com&pfname=&rpctoken=22925991 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
ssl.gstatic.com
www.banner-secure.com
www.banner-tracking.com
www.google.com
www.windowscasinocash.com
109.203.100.23
142.250.185.141
142.250.185.227
142.250.185.238
142.250.186.68
172.67.199.15
23.229.227.38
007b970551facdd9f8fdaa039d32ef2722894151db3fe42a078722ec2d89cbe7
0500c29b5bcfd9338683e63cc6fad86974e6b643086b351257e5f2e68713b461
18f6aa9dfbf69c0ef02c0e6a7ba355220b5d96f6ad2525de6f3db8af2a3797d4
20e1fabd4d2cfeca9ed1151d8c25113640f6abe9e9e43d018b4b419f8f514191
22d2cd9532f9da452242cfab08abdb82ac36f28db73e54a6ec37a5f40c655c2f
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
3bcb99d36228e10c9db3e887b9e462dcb31d1db17b7bbcc654338eb8006a0e85
4b23620c6070cf66803ce99e8c862fa4f779ce228d3088cbd7ca20848bf904cf
6afcf3879da0c788cfe3f5fd9cbbfe1a785544df6032de56e76559826998622e
72720c1d118ddd6edf26104cc1e529710febec3594a5a8c241da6c9e1dda7844
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
bcf2410bf66e08f6791f6721403c2e63162128836c512eba8b484a060dfccfdb
c7da371d7c24b47a99055cf54826d53ddd2c57e14bcb2f7e166a1ecac2053429
cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
d1f0f9c8277415f3fbda1dd97c6bb242d68a19cf8e3fa13b39720ea93b548be0
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
ddd544dd181fbac79e6eab239245de5cca1ca0c7738089ffb11be6d6e1aca13a
f810d7f8b48bd41af7ceb34895887dd38893f64e79619b5e8bdfecbfb09bea46