refbanners.website Open in urlscan Pro
45.135.122.227 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lyunmo.shop/
Effective URL:
https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735
Submission: On December 20 via api (December 20th 2024, 4:01:54 am UTC) from US — Scanned from NL

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 45.135.122.227, located in Amsterdam, Netherlands and belongs to MELBICOM-EU-AS Melbikomas UAB, LT. The main domain is refbanners.website.
TLS certificate: Issued by R11 on November 11th 2024. Valid for: 3 months.

This is the only time refbanners.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.135.122.227 45.135.122.227	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1	45.135.120.33 45.135.120.33	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
22	4

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lyunmo.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

casino-spin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.135.122.227 (Amsterdam, Netherlands)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

refbanners.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.135.120.33 (Amsterdam, Netherlands)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

refpaqutiu.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	casino-spin.de 1 redirects casino-spin.de	306 KB
4	refbanners.website refbanners.website	3 KB
1	refpaqutiu.top refpaqutiu.top	41 KB
1	lyunmo.shop 1 redirects lyunmo.shop	754 B
22	4

	Domain	Requested by
17	casino-spin.de	1 redirects casino-spin.de
4	refbanners.website	refbanners.website
1	refpaqutiu.top	refbanners.website
1	lyunmo.shop	1 redirects
22	4

This site contains links to these domains. Also see Links.

Domain
refpaqutiu.top

Subject Issuer	Validity	Valid
casino-spin.de WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
refbanners.website R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
refpaqutiu.top R10	`2024-12-02` - `2025-03-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735
Frame ID: 1812C0EADDA0685F92EBC49B11E78737
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

http://lyunmo.shop/ HTTP 307
https://lyunmo.shop/ HTTP 302
https://casino-spin.de/basic-promo// HTTP 301
https://casino-spin.de/basic-promo/ Page URL
https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

350 kB
Transfer

1578 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://refpaqutiu.top/C?tag=d_2687483m_16735c_&site=2687483&ad=16735&urlred=https%3A%2F%2F1xslotred67189.top%2Fnl

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lyunmo.shop/ HTTP 307
https://lyunmo.shop/ HTTP 302
https://casino-spin.de/basic-promo// HTTP 301
https://casino-spin.de/basic-promo/ Page URL
https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://lyunmo.shop/ HTTP 307
https://lyunmo.shop/ HTTP 302
https://casino-spin.de/basic-promo// HTTP 301
https://casino-spin.de/basic-promo/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
casino-spin.de/basic-promo/
Redirect Chain

http://lyunmo.shop/
https://lyunmo.shop/
https://casino-spin.de/basic-promo//
https://casino-spin.de/basic-promo/

34 KB
10 KB

1223ms
1223ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec8a46c7f8741ca95b9b35076b6139e940a990dfe6ff85f8fbf33b681b9835b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f4cbbbdcefe66de-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 20 Dec 2024 04:01:50 GMT
link: <https://casino-spin.de/wp-json/>; rel="https://api.w.org/" <https://casino-spin.de/wp-json/wp/v2/pages/1442>; rel="alternate"; title="JSON"; type="application/json" <https://casino-spin.de/?p=1442>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2B28fv5i%2F6%2BsaV4FJ%2Bftn1E%2FWz9gJ21AgdTai9NwBZxb6ybx5ciS4XU%2B95iSr1YyNIlbH3K2hBjM8YycQ5el86YjbGqJC7pKWskNUrk9N5teV23FfWVLaqSP7hsKxFHJXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15219&min_rtt=14713&rtt_var=2228&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4881&recv_bytes=4895&delivery_rate=43649&cwnd=12000&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2309&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f4cbbb70c2d66de-AMS
content-type: text/html; charset=UTF-8
date: Fri, 20 Dec 2024 04:01:49 GMT
location: https://casino-spin.de/basic-promo/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0V7JSWjPLrooxjL18bKotADIIE0BpJpNQF5HosD1Z8bPcDeGN0Lg5FEzDRFQiWuFzscxvpXez2J1eDfqsEKdB9sfRm8%2FKUKTG2bImSjpCRKHDScQPKh0Ujp7telYYR9ocQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15024&min_rtt=14713&rtt_var=2450&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4133&recv_bytes=4498&delivery_rate=698&cwnd=12000&unsent_bytes=0&cid=196796db6c0aaf0f&ts=1084&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000
x-redirect-by: WordPress

GET
H3 200 style.min.css
casino-spin.de/wp-includes/css/dist/block-library/ 112 KB
19 KB 68ms
68ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606bbb-1c012"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1rPusU8eyRd%2FdEGnMvzkb8VqLo8n2%2BKj2CasriG0vQR7x5sH2scbe4h%2FHo8ihcebHgOREteO8U%2BP8Kdq%2FVlMwqWTEjW%2BhUI2RnHLAFTiGVjOtgSE2tgGYW09t4tdrTscA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2380&x=1", cfExtPri, cfHdrFlush;dur=4
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:43 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b2466de-AMS
server: cloudflare

GET
H3 200 custom.css
casino-spin.de/wp-content/uploads/js_composer/ 35 B
738 B 70ms
70ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/uploads/js_composer/custom.css?ver=7.8

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6060af826a3c79fc8829a0779daac9b264c313072904e4f09175ff574110a5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

cf-cache-status: MISS
etag: "67606bba-23"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6B3oYG4VGw2wGDMGa0b3F7Trl569oP1rLVISF8ACXsCVIH%2F73zkjbkKh%2F%2BLnzw0%2FG0v33xBmiWk4dasqRReqIrFSxt8ZioHOWM0Vw7Vxobt0Sy85RIfmThG2RhNjUgMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2372&x=1", cfExtPri, cfHdrFlush;dur=13
date: Fri, 20 Dec 2024 04:01:50 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:42 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b2866de-AMS
accept-ranges: bytes
content-length: 35
server: cloudflare

GET
H3 200 theme_css_vars.css
casino-spin.de/wp-content/uploads/porto_styles/ 2 KB
1 KB 54ms
53ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/uploads/porto_styles/theme_css_vars.css?ver=6.2.3

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee6415af6470162e09862bb09423acfa7499f435e758cab41f02dd3045b75095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606eb9-8d6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LAPKK5C5iZA01TqKvjh2QG6GmZrMhITEEnkLUwTSACSRr8V%2FCz69S1n0UAS3GexUHtEbhpZIePRjweB85hcvrnQVu5PfgBBPVVaTZzLWHdLyUpKrA7CG%2BXFUTiZ99yJbOg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14988&min_rtt=14713&rtt_var=616&sent=35&recv=29&lost=0&retrans=0&sent_bytes=27293&recv_bytes=9531&delivery_rate=8499&cwnd=12000&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2365&x=1", cfExtPri, cfHdrFlush;dur=5
date: Fri, 20 Dec 2024 04:01:50 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:17:29 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b2966de-AMS
server: cloudflare

GET
H3 200 js_composer.min.css
casino-spin.de/wp-content/plugins/js_composer/assets/css/ 448 KB
55 KB 39ms
38ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.8

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9757b5638ea6b676d1b54301883af6d754536a557d9fcea6de5fbb4a5d0742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606baf-70054"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIwnSOttoBLBzu4%2FdW5EmqktVdf2gvbNbQsmPnpp3DtC7TU%2FRbOaVU8Lt2JM6IZ%2F7IjH8LVja4K286HY32j55lNK8H2RiTreHCUBQg0r5C2OqvoXqVr8LW7mJXlxHrFLPg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14988&min_rtt=14713&rtt_var=616&sent=25&recv=29&lost=0&retrans=0&sent_bytes=15293&recv_bytes=9531&delivery_rate=8499&cwnd=12000&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2355&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 04:01:50 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:31 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b2a66de-AMS
server: cloudflare

GET
H3 200 bootstrap.css
casino-spin.de/wp-content/uploads/porto_styles/ 197 KB
34 KB 86ms
85ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/uploads/porto_styles/bootstrap.css?ver=6.2.3

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f606e82badade51831dc07d4c85b36ca7925337ac5eb2b44c984917f89073d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606bba-315e6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYKBVaCj7VRTRg7Se5pPLkpYlZApZU9VdhXPLVKJU5YNR9S%2FklIgceaPN%2BE2%2BWKFcePnirPR8F9frhn3pdaqbUth%2B9yv9OcwUuimnODCx%2Bikof3YV9FMwv4C%2FXXDuUXR6A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2374&x=1", cfExtPri, cfHdrFlush;dur=11
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:42 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b2d66de-AMS
server: cloudflare

GET
H3 200 plugins.css
casino-spin.de/wp-content/themes/porto/css/ 111 KB
27 KB 87ms
86ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/themes/porto/css/plugins.css?ver=6.2.3

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20c0a1ecf76a15efb6232bb2118c88974301eaf8e2eb5ab0d25c55c1a271fc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606bad-1bb84"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADwH1%2BraTTON4yB7QUwRFVCmrX4%2FyK6r%2B9rLGo6mMyV6GVClUJ57HLprHMBk7x78ei8njvgdYtc%2B270G2pvfat6ahjQAv%2F2Fd%2Bf94q8DxZj5uYC5NJH64Oq%2F%2BQugHfKcTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2374&x=1", cfExtPri, cfHdrFlush;dur=11
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:29 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b2e66de-AMS
server: cloudflare

GET
H3 200 theme.css
casino-spin.de/wp-content/themes/porto/css/ 260 KB
57 KB 102ms
102ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/themes/porto/css/theme.css?ver=6.2.3

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

778607610a5ce26f2d63839ef9751dcfea2061f79bcee68af4cbe5b0ac822ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67606bad-41047"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=li%2FqQ7PsdjK%2BaGREewSZ9hijrYrNIFnDk%2BOJb0MpElGE33LAPnkmnPYsccmO66FYbkzUuZrYxkb2%2F65u%2Bhm77GpZJw0d7KKO8FUDjEkZsaKZ7NuE9OXt%2Bvn%2FhBS3h30FHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15199&min_rtt=14432&rtt_var=515&sent=78&recv=41&lost=0&retrans=0&sent_bytes=75293&recv_bytes=10047&delivery_rate=461579&cwnd=32400&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2388&x=1", cfExtPri, cfHdrFlush;dur=11
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:29 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b2f66de-AMS
server: cloudflare

GET
H3 200 shortcodes.css
casino-spin.de/wp-content/themes/porto/css/ 127 KB
28 KB 106ms
105ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/themes/porto/css/shortcodes.css?ver=6.2.3

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c254c7b80430809f123ed7f2943ecffd67ba5bdc1f856974655077145ad7e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606bad-1fa6e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTVnfBKQBOr8zxuIxahzTV%2BaIDly%2FtDgQBEHkEqVbe82Yc52ZY28VxVdmzN71PaJLcqqCn1uja%2F%2FEemCX8h10RzuhWhR7zApGcXNHRpbebFvRwhFlPnImpvCJidx3KQE3w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14988&min_rtt=14713&rtt_var=616&sent=35&recv=29&lost=0&retrans=0&sent_bytes=27293&recv_bytes=9531&delivery_rate=8499&cwnd=12000&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2368&x=1", cfExtPri, cfHdrFlush;dur=2
date: Fri, 20 Dec 2024 04:01:50 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:29 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b3066de-AMS
server: cloudflare

GET
H3 200 dynamic_style.css
casino-spin.de/wp-content/uploads/porto_styles/ 119 KB
24 KB 116ms
115ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/uploads/porto_styles/dynamic_style.css?ver=6.2.3

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb849a34ea95191aca099826649c11ffd9edeef47149758faa2f42ed659c736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67606eb9-1dc61"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UDFUrKcXKFLSGvioaHf98p6CsVCLPvVURsUHlBUeJYBBD%2Bf0yChZXKA%2Fq9d8RCe1BT5VWvij148kND11HtRPBGe1oP3EY6pPhRaeD0vDZHtiNt6MUSqyxrsXFVTxjY%2FoA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2381&x=1", cfExtPri, cfHdrFlush;dur=4
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:17:29 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b3166de-AMS
server: cloudflare

GET
H3 200 style.css
casino-spin.de/wp-content/themes/porto/ 807 B
1 KB 117ms
117ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/themes/porto/style.css?ver=6.2.3

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

869cce27ed79b3eecc3701420e6a258eb7dee60017a079c7cc164f312002344e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"67606bad-327"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQ%2Bf%2FJ4HtauaVtrHhSxrP1czQEukizqm%2Bzcx9GwnuA6tckpuG%2B%2B2ig959e3WRm5GJD%2Bq5K1%2FPkucPuFJmlnCqt%2BC3jAybMVGZBqrMbinwum1VCOBEZHTxB3qLDlbQciZSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2376&x=1", cfExtPri, cfHdrFlush;dur=9
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:29 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b3366de-AMS
server: cloudflare

GET
H3 200 style.css
casino-spin.de/wp-content/themes/porto-child/ 773 B
1 KB 118ms
118ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/themes/porto-child/style.css?ver=6.7.1

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d940a913416dd2fd23bed69586782a0f898da6f4381ef588c33c08006c885a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"67606bac-305"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2F9WprQtKgU0WN8TcsfGPDybx3I%2Bvk3KA4vh6ohCGG6mZdPVQJRQDK5FHeBHO%2F87ongbbBb0FNlWixCZmtTSo5HLKPTCPJPQAlknFJ8Os4XK%2BvlmIW7Hwl9MkX%2B7kAL6hg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2374&x=1", cfExtPri, cfHdrFlush;dur=11
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 18:04:28 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b3466de-AMS
server: cloudflare

GET
H3 200 jquery.min.js Show response
casino-spin.de/wp-includes/js/jquery/ 86 KB
34 KB 118ms
118ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606bbb-15601"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FzfbQfRfZrpryiOAR6AlFbiz7WMa28oghvI2hDoYxZ%2FJqEZLH0CeHlli0M4aFNwjppjcYi5%2FMCZfiYG8lz3j22Z7T6AfxOnUnxuYOVUlOk5d4z9F%2BUS8RYrNWcygWaM%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14988&min_rtt=14713&rtt_var=616&sent=35&recv=29&lost=0&retrans=0&sent_bytes=27293&recv_bytes=9531&delivery_rate=8499&cwnd=12000&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2367&x=1", cfExtPri, cfHdrFlush;dur=3
date: Fri, 20 Dec 2024 04:01:50 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 18:04:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b3566de-AMS
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
casino-spin.de/wp-includes/js/jquery/ 13 KB
6 KB 122ms
121ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67606bbb-3509"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nvn2W9ofZ5iCHbE0HOvCWKg6EdzEZVFrQeQaTy7uGx5SUBicuXB%2Fs42yLHnlv2kdAetXyE7A2S0tX4FSAQ3DGxZrfsMgYRyHry%2BQSydzRSdWaBLOtq8u%2BhxUZB4ZgxcDkw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14893&min_rtt=14549&rtt_var=282&sent=50&recv=34&lost=0&retrans=0&sent_bytes=44093&recv_bytes=9746&delivery_rate=356547&cwnd=16800&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2372&x=1", cfExtPri, cfHdrFlush;dur=13
date: Fri, 20 Dec 2024 04:01:50 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 18:04:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc57b3666de-AMS
server: cloudflare

GET b85561be-0a7e-43a4-a9da-ef2b68906e1c
https://casino-spin.de/ 0
0

GET
H3 200 wp-emoji-release.min.js Show response
casino-spin.de/wp-includes/js/ 18 KB
6 KB 50ms
50ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1

Requested by

Host: casino-spin.de
URL: https://casino-spin.de/basic-promo/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"67606bbb-4926"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t4wktqEJ%2Bn8Z%2F1a28htTW3swW9cGNsrswZ3Mg13mpCLkd8RuErVVDmFM29hZIU2HCfJSjftofs50xY%2FqdYe2rqRlLNM6tEafa7a992PIuTZNLwvAhpwLWHWSoaPFhlQP8A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Dec 2024 16:01:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15609&min_rtt=14432&rtt_var=1115&sent=297&recv=94&lost=3&retrans=3&sent_bytes=319203&recv_bytes=12699&delivery_rate=4063603&cwnd=80640&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2500&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 18:04:43 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc65ba466de-AMS
server: cloudflare

GET
H2 200 Primary Request I Show response
refbanners.website/ 638 B
493 B 116ms
26ms Document
text/html 45.135.122.227
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.135.122.227 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

61e4384457e6d28da63412c35b99eeb4ca607f0f0cae0a27216c892275905aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://casino-spin.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 20 Dec 2024 04:01:51 GMT
server: nginx
server-timing: wf-uht;dur=0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding

GET
H3 200 favicon.ico
casino-spin.de/wp-content/themes/porto/images/logo/ 1 KB
1 KB 50ms
50ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino-spin.de/wp-content/themes/porto/images/logo/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino-spin.de/basic-promo/

Response headers

content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"67606bac-47e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFkOYDoY0NJY54mVBojUFuiFzEOoY4DAHUJvms7eDt0iLRZNPX6jgV396s%2BZxe%2BAYUgm6kWYE%2FUPBn3xgusezfyoGNHaJltR17XXUB99DP1uTjM0DN4K8K8AXD1NsxVRiw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15537&min_rtt=14432&rtt_var=979&sent=304&recv=96&lost=3&retrans=3&sent_bytes=325752&recv_bytes=13123&delivery_rate=123446&cwnd=80640&unsent_bytes=0&cid=196796db6c0aaf0f&ts=2555&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: image/x-icon
last-modified: Mon, 16 Dec 2024 18:04:28 GMT
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4cbbc6ac1466de-AMS
server: cloudflare

GET
H2 200 defbcc3c-3c0a-4f6d-a3ee-f1f1a6711ac0.gif
refpaqutiu.top/img/AdAgent_12/ 41 KB
41 KB 419ms
30ms Image
image/gif 45.135.120.33
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refpaqutiu.top/img/AdAgent_12/defbcc3c-3c0a-4f6d-a3ee-f1f1a6711ac0.gif

Requested by

Host: refbanners.website
URL: https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.135.120.33 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

5d6af5d2ca3282ded09b3aea1ca1f431876a3c1f5913ac8a213d815703813f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refbanners.website/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400
etag: "804382e78e81d41:0"
accept-ranges: bytes
server-timing: wf-uht;dur=0.003
content-length: 42080
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: image/gif
last-modified: Wed, 21 Nov 2018 11:39:47 GMT
server: nginx

GET
H2 200 checker.js Show response
refbanners.website/checker/ 6 KB
2 KB 16ms
16ms Script
text/javascript 45.135.122.227
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://refbanners.website/checker/checker.js

Requested by

Host: refbanners.website
URL: https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.135.122.227 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600
content-encoding: br
etag: W/"fdab2f6cb63aa36a31900500c120b350"
x-amz-meta-mtime: 1734582771.260311523
expires: Fri, 20 Dec 2024 05:01:51 GMT
x-time-ng: 0.000
server-timing: wf-uht;dur=
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 19 Dec 2024 13:17:04 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 / Show response
refbanners.website/redirect/stat/run/ 39 B
227 B 17ms
17ms XHR
application/json 45.135.122.227
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://refbanners.website/redirect/stat/run/

Requested by

Host: refbanners.website
URL: https://refbanners.website/checker/checker.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.135.122.227 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

c96bd8bf01a0d623aef9dc0dcaacc3127cb6580b6f1480300d960f9d4970e0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735
x-requested-with: XMLHttpRequest

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.001
content-encoding: br
date: Fri, 20 Dec 2024 04:01:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 204 favicon.ico
refbanners.website/ 0
117 B 15ms
15ms Other
text/plain 45.135.122.227
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://refbanners.website/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.135.122.227 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refbanners.website/I?tag=d_2687483m_16735c_&site=2687483&ad=16735

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.001
date: Fri, 20 Dec 2024 04:01:51 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: casino-spin.de
URL: blob:https://casino-spin.de/b85561be-0a7e-43a4-a9da-ef2b68906e1c

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| checker

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			refbanners.website/	1970-01-21 02:34:19	Name: che_g Value: 19570484-5651-17e2-585a-b57ef075e4ea

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

casino-spin.de
lyunmo.shop
refbanners.website
refpaqutiu.top
casino-spin.de
188.114.96.3
2a06:98c1:3120::3
45.135.120.33
45.135.122.227
0e9757b5638ea6b676d1b54301883af6d754536a557d9fcea6de5fbb4a5d0742
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
20c0a1ecf76a15efb6232bb2118c88974301eaf8e2eb5ab0d25c55c1a271fc62
2eb849a34ea95191aca099826649c11ffd9edeef47149758faa2f42ed659c736
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3ec8a46c7f8741ca95b9b35076b6139e940a990dfe6ff85f8fbf33b681b9835b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5d6af5d2ca3282ded09b3aea1ca1f431876a3c1f5913ac8a213d815703813f35
6060af826a3c79fc8829a0779daac9b264c313072904e4f09175ff574110a5dc
61e4384457e6d28da63412c35b99eeb4ca607f0f0cae0a27216c892275905aa6
6c254c7b80430809f123ed7f2943ecffd67ba5bdc1f856974655077145ad7e65
778607610a5ce26f2d63839ef9751dcfea2061f79bcee68af4cbe5b0ac822ce1
869cce27ed79b3eecc3701420e6a258eb7dee60017a079c7cc164f312002344e
8d940a913416dd2fd23bed69586782a0f898da6f4381ef588c33c08006c885a7
c96bd8bf01a0d623aef9dc0dcaacc3127cb6580b6f1480300d960f9d4970e0b0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6415af6470162e09862bb09423acfa7499f435e758cab41f02dd3045b75095
f606e82badade51831dc07d4c85b36ca7925337ac5eb2b44c984917f89073d61

refbanners.website Open in urlscan Pro 45.135.122.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

350 kBTransfer

1578 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

refbanners.website Open in urlscan Pro
45.135.122.227 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

350 kB
Transfer

1578 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions