davincisgold.com Open in urlscan Pro
77.74.228.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://exq7f1.xyz/rl
Effective URL:
https://davincisgold.com/fr/register?tracker=CX-36644_456322
Submission: On May 23 via manual (May 23rd 2024, 11:50:12 am UTC) from BE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 77.74.228.7, located in Bosnia & Herzegovina and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is davincisgold.com.
TLS certificate: Issued by E1 on April 8th 2024. Valid for: 3 months.

This is the only time davincisgold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	208.113.200.148 208.113.200.148	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1 1	35.234.86.61 35.234.86.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	77.74.228.7 77.74.228.7	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	104.22.43.158 104.22.43.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
22	8

1 208.113.200.148 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: admin.fei.edu.co

exq7f1.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.234.86.61 (Frankfurt am Main, Germany) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.86.234.35.bc.googleusercontent.com

go.truedynastyaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.74.228.7 (Bosnia & Herzegovina)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

davincisgold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.43.158 (None, )

ASN13335 (CLOUDFLARENET, US)

www.casinocontroller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380 fonts.googleapis.com — Cisco Umbrella Rank: 33	37 KB
4	davincisgold.com davincisgold.com	406 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	308 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	94 KB
1	casinocontroller.com chat.casinocontroller.com Failed www.casinocontroller.com — Cisco Umbrella Rank: 957165
1	truedynastyaffiliates.com 1 redirects go.truedynastyaffiliates.com	612 B
1	exq7f1.xyz exq7f1.xyz	539 B
22	7

	Domain	Requested by
8	fonts.googleapis.com	davincisgold.com
4	davincisgold.com	exq7f1.xyz davincisgold.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.casinocontroller.com	davincisgold.com
1	www.googletagmanager.com	davincisgold.com
1	ajax.googleapis.com	davincisgold.com
1	go.truedynastyaffiliates.com	1 redirects
1	exq7f1.xyz
0	chat.casinocontroller.com Failed	davincisgold.com
22	9

This site contains no links.

Subject Issuer	Validity	Valid
davincisgold.com E1	`2024-04-08` - `2024-07-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
casinocontroller.com E1	`2024-04-13` - `2024-07-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://davincisgold.com/fr/register?tracker=CX-36644_456322
Frame ID: 41B40E22E0F0494AD8DEA860FBCD3D94
Requests: 21 HTTP requests in this frame

Frame: https://www.casinocontroller.com/davincigold/engine/EmbedGame/EmbedGame.php?mode=lobby&lang=fr&t=CX-36644_456322&tracker=CX-36644_456322&id=14&returnUrl=//davincisgold.com
Frame ID: 309E5B4150EADC354C9EE7BE430DA9EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Davinci's Gold Online Casino

Page URL History Show full URLs

http://exq7f1.xyz/rl HTTP 307
https://exq7f1.xyz/rl HTTP 307
http://exq7f1.xyz/rl Page URL
https://go.truedynastyaffiliates.com/visit/?bta=36644&nci=5825 HTTP 302
https://davincisgold.com/fr/register?tracker=CX-36644_456322 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

77 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

538 kB
Transfer

1818 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://exq7f1.xyz/rl HTTP 307
https://exq7f1.xyz/rl HTTP 307
http://exq7f1.xyz/rl Page URL
https://go.truedynastyaffiliates.com/visit/?bta=36644&nci=5825 HTTP 302
https://davincisgold.com/fr/register?tracker=CX-36644_456322 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://exq7f1.xyz/rl HTTP 307
https://exq7f1.xyz/rl HTTP 307
http://exq7f1.xyz/rl

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

rl
exq7f1.xyz/
Redirect Chain

http://exq7f1.xyz/rl
https://exq7f1.xyz/rl
http://exq7f1.xyz/rl

183 B
539 B

596ms
595ms

Document
text/html

208.113.200.148
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://exq7f1.xyz/rl

Protocol

HTTP/1.1

Server

208.113.200.148 , United States, ASN26347 (DREAMHOST-AS, US),

Reverse DNS

admin.fei.edu.co

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 May 2024 11:50:07 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Trace: 2B538015CBC6A05B00E63D25A00BC288EC8BC9303CD8F7B2B09CF5C72900
X-XSS-Protection: 1; mode=block

Redirect headers

Location: http://exq7f1.xyz/rl
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

Primary Request register Show response
davincisgold.com/fr/
Redirect Chain

https://go.truedynastyaffiliates.com/visit/?bta=36644&nci=5825
https://davincisgold.com/fr/register?tracker=CX-36644_456322

1 KB
968 B

186ms
120ms

Document
text/html

77.74.228.7
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://davincisgold.com/fr/register?tracker=CX-36644_456322

Requested by

Host: exq7f1.xyz
URL: http://exq7f1.xyz/rl

Protocol

Security

QUIC, , AES_128_GCM

Server

77.74.228.7 , Bosnia & Herzegovina, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab2de9b747fb09f41b4c50e6fcf923375eadf8712230855f52b57e7b6790a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://exq7f1.xyz/rl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8884d3985f6336df-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 23 May 2024 11:50:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wlAPZeuAqUak5MH6NegtNJnv1cfXadyp2f7or7c5N4iH%2BVehPGlfeHLY70N4XMO9m99p2tSCKpO2uPIDjP%2FvtCS%2Fn3p%2Fg1Pb43JRac%2FEJqThjoJZAny%2BXB1CcvBAXStHxiD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 3
Content-Type: application/octet-stream
Date: Thu, 23 May 2024 11:50:07 GMT
Server: rhino-core-shield
X-Cache-Status: MISS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
location: https://davincisgold.com/fr/register?tracker=CX-36644_456322
pragma: no-cache
referer: http://exq7f1.xyz/
surrogate-control: no-store

GET sockjs-0.3.min.js
chat.casinocontroller.com/assets/js/ 0
0

GET config.js
chat.casinocontroller.com/ 0
0

GET chat-library.js
chat.casinocontroller.com/assets/js/ 0
0

GET chatStub.js
chat.casinocontroller.com/chat/js/ 0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 46ms
11ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/fr/register?tracker=CX-36644_456322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 00:15:28 GMT

GET
H3 200 main.js Show response
davincisgold.com/static/js/ 1 MB
373 KB 20ms
20ms Script
application/javascript 77.74.228.7
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://davincisgold.com/static/js/main.js

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/fr/register?tracker=CX-36644_456322

Protocol

Security

QUIC, , AES_128_GCM

Server

77.74.228.7 , Bosnia & Herzegovina, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1e38cd1d1101ec5a451deb5dfebcc8b0a0e4aee8d5b4065cb4cddad298ca11d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/fr/register?tracker=CX-36644_456322
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4470
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"aa43a6ea3c7eb58a7132bac58b3fdfe4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PsviviNe8C5Oe9MmuI1TPXeRRg4tBX2XAl%2B%2BZngqkIyRosK4IiiBSN%2BV9lv65wwGFYAH9flagq6f6fIVvLlE%2Flo7dGpZ8tBCoNZJYfioh8wRfdQ6GeJfb8x0lAcyLbAH6iF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8884d39958b436df-FRA

GET
H3 200 main.css
davincisgold.com/static/css/ 108 KB
26 KB 21ms
21ms Stylesheet
text/css 77.74.228.7
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://davincisgold.com/static/css/main.css

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/fr/register?tracker=CX-36644_456322

Protocol

Security

QUIC, , AES_128_GCM

Server

77.74.228.7 , Bosnia & Herzegovina, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc7e7c7892bd03676a7fdb6d3c6ff874ab9832563960197b6be910a0c366461e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/fr/register?tracker=CX-36644_456322
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5620
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3602c18c1efb6587d8b8af00f8a6375f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T1fTyeFhEJUn99oHW4gIl25%2Bvi6zIkPTBtggCm4HBM5P933A1NCICAjjx9TB2sl2nWjO3WW%2BqvhT8SAP16IzwFMoN%2BPEELu3dl9mfNe2gwbo5LocbYWPjzA7s6nemGha9OjR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8884d399287736df-FRA

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800;900&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d16969705619b51577b01b002ba5d7ad97ecf4407773bc635eee8b8348377d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 11:33:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
596 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f09c18cbfb91024b5e1e0a8408063dcf8a027cf33f3c9d1a3ff727072d7e056b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 11:49:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 808 B
411 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Asul:wght@400;700&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b239d7cac566373b44ea982004cdc1ac566b08b6f72aa999d0757a2f6dfe50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 11:47:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 42ms
21ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 11:48:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1004 B 40ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 10:18:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
808 B 43ms
21ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 10:55:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
677 B 39ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47814ced0ca59df80342b2fd727f7e8f1d065a2a6dbc40da8ab68450175fd0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 11:35:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
764 B 45ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

257d57bb9be59d6770bd1c593b8f7fa3651d2f87ce72dd6e1130c67e73550100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 10:32:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
94 KB 59ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8WB0PRYJ5E

Requested by

Host: davincisgold.com
URL: https://davincisgold.com/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e85dc90246d0a88d9d753c4c2401b5c2297d75ad83c9530684ac725bbef08095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 11:50:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 May 2024 11:50:07 GMT

GET
H2 200 EmbedGame.php
www.casinocontroller.com/davincigold/engine/EmbedGame/ Frame 309E 0
0 135ms
105ms Document
text/html 104.22.43.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.casinocontroller.com/davincigold/engine/EmbedGame/EmbedGame.php?mode=lobby&lang=fr&t=CX-36644_456322&tracker=CX-36644_456322&id=14&returnUrl=//davincisgold.com
Requested by: Host: davincisgold.com
URL: https://davincisgold.com/static/js/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.43.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://davincisgold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8884d39a681f71b5-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 May 2024 11:50:07 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WB0PRYJ5E&gtm=45je45k0v894563062za200&_p=1716465007672&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=823765296.1716465008&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&ci=CX-36644&sid=1716465007&sct=1&seg=0&dl=https%3A%2F%2Fdavincisgold.com%2Fregister%3Ftracker%3DCX-36644_456322&dr=http%3A%2F%2Fexq7f1.xyz%2F&dt=Davinci%27s%20Gold%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.affiliate_id=CX-36644&tfd=713
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8WB0PRYJ5E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 11:50:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://davincisgold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.png
davincisgold.com/brand/images/ 5 KB
6 KB 20ms
20ms Other
image/png 77.74.228.7
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://davincisgold.com/brand/images/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

77.74.228.7 , Bosnia & Herzegovina, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6a5a1905f750a205b1e7fe16ff7517d9f3449bed2251ed54684e0c2610966dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/register?tracker=CX-36644_456322
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 11:50:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2788
alt-svc: h3=":443"; ma=86400
content-length: 5254
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "24142ab1bf2a029860476d75792e1025"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1QY7wWb6Ea2pUWH%2B%2FEmqjRNkpbHZH7RzY5Lv%2BIYzsk9fwBrzH%2FttWh03YQQU2OjUu3kDjckVMef41BmF55AG52DqcWwbkO70G9REj78J3%2Fq9rnE3fVO9w0bbMD%2BGOCMSctoB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8884d39c1cc036df-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WB0PRYJ5E&gtm=45je45k0v894563062za200&_p=1716465007672&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=823765296.1716465008&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&ci=CX-36644&sid=1716465007&sct=1&seg=0&dl=https%3A%2F%2Fdavincisgold.com%2Fregister%3Ftracker%3DCX-36644_456322&dr=http%3A%2F%2Fexq7f1.xyz%2F&dt=Davinci%27s%20Gold%20Online%20Casino&en=scroll&ep.affiliate_id=CX-36644&epn.percent_scrolled=90&_et=2&tfd=2307
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8WB0PRYJ5E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://davincisgold.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 11:50:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://davincisgold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: chat.casinocontroller.com
URL: https://chat.casinocontroller.com/assets/js/sockjs-0.3.min.js

Domain: chat.casinocontroller.com
URL: https://chat.casinocontroller.com/config.js

Domain: chat.casinocontroller.com
URL: https://chat.casinocontroller.com/assets/js/chat-library.js

Domain: chat.casinocontroller.com
URL: https://chat.casinocontroller.com/chat/js/chatStub.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
davincisgold.com/fr	1969-12-31 23:59:59	Name: tra_tracker Value: CX-36644_456322
go.truedynastyaffiliates.com/	1970-01-20 21:32:23	Name: casinodavincisgold-v Value: 456322
davincisgold.com/	1970-01-21 05:33:21	Name: tra_tracker Value: CX-36644_456322
.davincisgold.com/	1970-01-21 06:23:45	Name: _ga Value: GA1.1.823765296.1716465008
.davincisgold.com/	1970-01-21 06:23:45	Name: _ga_8WB0PRYJ5E Value: GS1.1.1716465007.1.0.1716465009.0.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://chat.casinocontroller.com/assets/js/chat-library.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://chat.casinocontroller.com/config.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://chat.casinocontroller.com/assets/js/sockjs-0.3.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://chat.casinocontroller.com/chat/js/chatStub.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
chat.casinocontroller.com
davincisgold.com
exq7f1.xyz
fonts.googleapis.com
go.truedynastyaffiliates.com
region1.google-analytics.com
www.casinocontroller.com
www.googletagmanager.com
chat.casinocontroller.com
104.22.43.158
2001:4860:4802:34::36
208.113.200.148
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:812::200a
35.234.86.61
77.74.228.7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
257d57bb9be59d6770bd1c593b8f7fa3651d2f87ce72dd6e1130c67e73550100
2ab2de9b747fb09f41b4c50e6fcf923375eadf8712230855f52b57e7b6790a28
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
47814ced0ca59df80342b2fd727f7e8f1d065a2a6dbc40da8ab68450175fd0f3
4b239d7cac566373b44ea982004cdc1ac566b08b6f72aa999d0757a2f6dfe50a
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
d16969705619b51577b01b002ba5d7ad97ecf4407773bc635eee8b8348377d84
d1e38cd1d1101ec5a451deb5dfebcc8b0a0e4aee8d5b4065cb4cddad298ca11d
dc7e7c7892bd03676a7fdb6d3c6ff874ab9832563960197b6be910a0c366461e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a5a1905f750a205b1e7fe16ff7517d9f3449bed2251ed54684e0c2610966dc
e85dc90246d0a88d9d753c4c2401b5c2297d75ad83c9530684ac725bbef08095
f09c18cbfb91024b5e1e0a8408063dcf8a027cf33f3c9d1a3ff727072d7e056b

davincisgold.com Open in urlscan Pro 77.74.228.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

77 %HTTPS

50 %IPv6

7 Domains

9 Subdomains

8 IPs

4 Countries

538 kBTransfer

1818 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

5 Cookies

4 Console Messages

Security Headers

Indicators

davincisgold.com Open in urlscan Pro
77.74.228.7 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

77 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

538 kB
Transfer

1818 kB
Size

5
Cookies

22 HTTP transactions
0 data transactions