urlscan.io logo urlscan.io
SecurityTrails logo

icecasino.com Open in urlscan Pro
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://montblanc.lebork.pl/
Effective URL: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArm...
Submission: On March 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d, located in Virgin Islands (British) and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is icecasino.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 25th 2022. Valid for: a year.
This is the only time icecasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.253.212.22 48707 (GREENER-AS)
1 1 185.253.212.10 48707 (GREENER-AS)
1 104.244.42.5 13414 (TWITTER)
1 1 2a07:180:c6:e... 209242 (CLOUDFLAR...)
1 6 2a07:180:7c7:... 209242 (CLOUDFLAR...)
10 2a06:9ac0:776... 209242 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
24 6
1    185.253.212.22 (Poland)

ASN48707 (GREENER-AS, PL)
montblanc.lebork.pl
1    185.253.212.10 (Poland)

ASN48707 (GREENER-AS, PL)
t2775.am-track.pl
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a07:180:c6:e81e:6be5:d06:144a:3079 (Belize)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
tarenived.com
6    2a07:180:7c7:27f1:ca5d:d0c6:6b3a:3604 (Belize)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
ratanygaimiaheo.com
10    2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d (Virgin Islands (British))

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
icecasino.com
8    2606:4700::6812:7b9 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
10 icecasino.com
icecasino.com
125 KB
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5459
121 KB
6 ratanygaimiaheo.com
ratanygaimiaheo.com — Cisco Umbrella Rank: 248721
564 KB
1 tarenived.com
tarenived.com — Cisco Umbrella Rank: 362386
390 B
1 t.co
t.co — Cisco Umbrella Rank: 503
688 B
1 am-track.pl
t2775.am-track.pl
499 B
1 montblanc.lebork.pl
montblanc.lebork.pl
666 B
24 7
Domain Requested by
10 icecasino.com montblanc.lebork.pl
icecasino.com
8 challenges.cloudflare.com 1 redirects icecasino.com
challenges.cloudflare.com
montblanc.lebork.pl
6 ratanygaimiaheo.com 1 redirects t.co
ratanygaimiaheo.com
1 tarenived.com 1 redirects
1 t.co montblanc.lebork.pl
1 t2775.am-track.pl 1 redirects
1 montblanc.lebork.pl
24 7

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-01 -
2024-02-01		 a year crt.sh
ratanygaimiaheo.com
Cloudflare Inc ECC CA-3		 2022-11-29 -
2023-11-28		 a year crt.sh
icecasino.com
Cloudflare Inc ECC CA-3		 2022-07-25 -
2023-07-25		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
Frame ID: CF0A7CDF9C464E6EB79EDEDBC5464948
Requests: 21 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: A70BA06360ADA4B06F9A405E402A6CAA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://montblanc.lebork.pl/ Page URL
  2. https://t2775.am-track.pl/track.php?track=c8c88c92d87842e60f4d1181edacac56&ref= HTTP 301
    https://t.co/5kVULlGatY Page URL
  3. https://tarenived.com/12821/26798?lp=00&click_id=ca1 HTTP 302
    https://ratanygaimiaheo.com/ice/p7100?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US HTTP 302
    https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798... Page URL
  4. https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=... Page URL

Page Statistics

24
Requests

92 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

811 kB
Transfer

1145 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://montblanc.lebork.pl/ Page URL
  2. https://t2775.am-track.pl/track.php?track=c8c88c92d87842e60f4d1181edacac56&ref= HTTP 301
    https://t.co/5kVULlGatY Page URL
  3. https://tarenived.com/12821/26798?lp=00&click_id=ca1 HTTP 302
    https://ratanygaimiaheo.com/ice/p7100?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US HTTP 302
    https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister Page URL
  4. https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://t2775.am-track.pl/track.php?track=c8c88c92d87842e60f4d1181edacac56&ref= HTTP 301
  • https://t.co/5kVULlGatY
Request Chain 2
  • https://tarenived.com/12821/26798?lp=00&click_id=ca1 HTTP 302
  • https://ratanygaimiaheo.com/ice/p7100?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US HTTP 302
  • https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
Request Chain 12
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
montblanc.lebork.pl/ 		300 B
666 B 		Document
General
Check archive.org
Download Go to
Full URL
http://montblanc.lebork.pl/
Protocol
HTTP/1.1
Server
185.253.212.22 , Poland, ASN48707 (GREENER-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Mar 2023 14:58:01 GMT
Referrer-Policy
no-referrer
Server
nginx
Transfer-Encoding
chunked
5kVULlGatY
t.co/
Redirect Chain
  • https://t2775.am-track.pl/track.php?track=c8c88c92d87842e60f4d1181edacac56&ref=
  • https://t.co/5kVULlGatY
320 B
688 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/5kVULlGatY
Requested by
Host: montblanc.lebork.pl
URL: http://montblanc.lebork.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Referer
http://montblanc.lebork.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
206
content-type
text/html; charset=utf-8
date
Thu, 09 Mar 2023 14:58:02 GMT
expires
Thu, 09 Mar 2023 15:03:02 GMT
perf
7626143928
server
tsa_b
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
996e435aac265988854a1b0f2d6487b60c6801dee886e5ee886ac6f94f6a23b2
x-response-time
88
x-transaction-id
14ff1be6dc967472
x-xss-protection
0

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 14:58:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://t.co/5kVULlGatY
pragma
no-cache
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
register
ratanygaimiaheo.com/m1137/check/en/
Redirect Chain
  • https://tarenived.com/12821/26798?lp=00&click_id=ca1
  • https://ratanygaimiaheo.com/ice/p7100?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US
  • https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4...
3 KB
983 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
Requested by
Host: t.co
URL: https://t.co/5kVULlGatY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:7c7:27f1:ca5d:d0c6:6b3a:3604 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2558dadcc47d2d1cb4774837f7b85f39de6ea921110fcc59226f0c5212ce2d03

Request headers

Referer
https://t.co/5kVULlGatY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a542c81fd088c17-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 14:58:03 GMT
server
cloudflare

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a542c806af08c17-EWR
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 14:58:03 GMT
location
https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
server
cloudflare
bundle-151220101100.min.js
ratanygaimiaheo.com/assets/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ratanygaimiaheo.com/assets/js/bundle-151220101100.min.js
Requested by
Host: ratanygaimiaheo.com
URL: https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:7c7:27f1:ca5d:d0c6:6b3a:3604 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0a319083645e85092392e64b184029a262c071debd8abe3a8da8bdf8ef3e4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 15:41:35 GMT
server
cloudflare
age
4755
etag
W/"63e2712f-8fc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7a542c82ddf38c17-EWR
lm-1.0.0.min.js
ratanygaimiaheo.com/assets/js/ 		522 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ratanygaimiaheo.com/assets/js/lm-1.0.0.min.js
Requested by
Host: ratanygaimiaheo.com
URL: https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:7c7:27f1:ca5d:d0c6:6b3a:3604 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e5932169fa08554afe95d40cf0dd380c2b39e1192c3d3002dadd92b462bae1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 15:41:35 GMT
server
cloudflare
age
5017
etag
W/"63e2712f-20a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7a542c82ddf58c17-EWR
ms-1.0.2.min.js
ratanygaimiaheo.com/assets/js/ 		1 KB
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ratanygaimiaheo.com/assets/js/ms-1.0.2.min.js
Requested by
Host: ratanygaimiaheo.com
URL: https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:7c7:27f1:ca5d:d0c6:6b3a:3604 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4046c7db785c6e930ce902576814ce0dffd104bdca83bf48b103bb5d111ddbba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 15:41:35 GMT
server
cloudflare
age
6472
etag
W/"63e2712f-4bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7a542c82ddf68c17-EWR
ice.gif
ratanygaimiaheo.com/assets/img/meta-redirect/ 		549 KB
550 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ratanygaimiaheo.com/assets/img/meta-redirect/ice.gif
Requested by
Host: ratanygaimiaheo.com
URL: https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:7c7:27f1:ca5d:d0c6:6b3a:3604 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31f8e72213757385a19d7209cacd13de382b710e5d53f061323f57a0318c567

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratanygaimiaheo.com/m1137/check/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&_fragment=%21%2Fauth%2Fregister
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Feb 2023 15:41:35 GMT
server
cloudflare
etag
"63e2712f-8956e"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a542c82fe118c17-EWR
content-length
562542
blank.gif
icecasino.com/ 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icecasino.com/blank.gif?1678373883588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratanygaimiaheo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
x-envoy-upstream-service-time
0
accept-ranges
bytes
cf-ray
7a542c84bb4cc422-EWR
content-length
43
x-request-id
a15f8193-91cc-471e-abf3-929d7e4586c1
expires
Thu, 09 Mar 2023 18:58:03 GMT
Primary Request register
icecasino.com/en/ 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
Requested by
Host: montblanc.lebork.pl
URL: http://montblanc.lebork.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
73361de96cfda242a1d7e9ff925b7c7e25be673bbd8fb5805060c45fcbfa03cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ratanygaimiaheo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass
1
cf-ray
7a542c85dcb4c422-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 14:58:03 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
icecasino.com/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icecasino.com/cdn-cgi/styles/challenges.css
Requested by
Host: icecasino.com
URL: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 03 Mar 2023 16:16:17 GMT
server
cloudflare
etag
W/"64021d51-182e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7a542c860d09c422-EWR
expires
Thu, 09 Mar 2023 16:58:03 GMT
favicon.ico
icecasino.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icecasino.com/favicon.ico
Requested by
Host: icecasino.com
URL: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7dbac72aa14dc676a6de7d11b97cf7805c63039e6aad05e92785bd618d9ed21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
content-encoding
br
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7a542c860d0bc422-EWR
cf-chl-bypass
1
expires
Thu, 01 Jan 1970 00:00:01 GMT
v1
icecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7a542c85dcb4c422
Requested by
Host: icecasino.com
URL: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
902d3e32bf55e1d22b78847bb7057f92e9c0cfa10a3fb6b2a2aa45dde289a109

Request headers

accept-language
en-US,en;q=0.9
Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&__cf_chl_rt_tk=mM6f19iFJ4eXAITXGfXA2E05pNTynyRi8taIVFlHb5c-1678373883-0-gaNycGzNCjs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7a542c864d35c422-EWR
content-type
application/javascript; charset=UTF-8
transparent.gif
icecasino.com/cdn-cgi/images/trace/captcha/js/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icecasino.com/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7a542c85dcb4c422
Requested by
Host: icecasino.com
URL: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&__cf_chl_rt_tk=mM6f19iFJ4eXAITXGfXA2E05pNTynyRi8taIVFlHb5c-1678373883-0-gaNycGzNCjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c&__cf_chl_rt_tk=mM6f19iFJ4eXAITXGfXA2E05pNTynyRi8taIVFlHb5c-1678373883-0-gaNycGzNCjs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Mar 2023 16:16:17 GMT
server
cloudflare
etag
"64021d51-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7a542c864d36c422-EWR
content-length
42
expires
Thu, 09 Mar 2023 16:58:03 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/af326ed3/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: icecasino.com
URL: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8fd792db45f6d5c2f3bb383b931fbdc61b483d2d9be455d62e11a4357f93e5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:04 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a542c86edc642dd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
date
Thu, 09 Mar 2023 14:58:03 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
7a542c86ddaf42dd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
accept-encoding
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
b16a732c3b02d86
icecasino.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1895832089:1678370806:_7CWfZTWtnOrcLLmClpJafRz5lCWxlkk8RChoQXNWvQ/7a542c85dcb4c422/ 		95 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://icecasino.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1895832089:1678370806:_7CWfZTWtnOrcLLmClpJafRz5lCWxlkk8RChoQXNWvQ/7a542c85dcb4c422/b16a732c3b02d86
Requested by
Host: icecasino.com
URL: https://icecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7a542c85dcb4c422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93fde5e60b978e41a9e9204bbc093fb467392fa1183b75a803aa1e011ca68a6

Request headers

Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
b16a732c3b02d86
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 14:58:04 GMT
content-encoding
br
cf_chl_gen
Z/mdgdOIh9tWqiw39IwHS5/TNxZ31EZRlStVHmGpXINrc4S0ir2qCSc3Jhv14V24Zxax8Z3QaLMg6LlpFKNJfjdhdU6XYmq3nipeiLmcrKv1hN5b5jOqlOpcJvhAKdnJ/EF4OiGIWDLmjKm4ZhMY6XhLO97+zIHs34G8l7jgNG4w3AS8SPJuhrZGbZQclhePge/QIlF5qF50tPGlc4G1CgEfmnj/c/xY6scjusYCU8rnot3tr5q+BY8N2kWqorHsCiJf4NWdh1dpGfMeyngTsCDFm8xOwwtJpxkXy8vG+NMDjEAbVdCCqEkXpH+EEalEcA/sBQCR68fTORHymypfIv1lBGMYUoaSbz4eOKY2vfmsnxpy9gYFMLsbY4nT15G0bU8aWpHFSgegYOXcLuJPWB4iNs5Xrhs/ES4qWFPZcRg=$IyaGObVGaeu/VEMbPSd3Sg==
server
cloudflare
cf-ray
7a542c875e75c422-EWR
content-type
text/plain; charset=UTF-8
O-BGAzYjcMsb5XF
icecasino.com/cdn-cgi/challenge-platform/h/g/img/7a542c85dcb4c422/1678373884066/ 		61 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icecasino.com/cdn-cgi/challenge-platform/h/g/img/7a542c85dcb4c422/1678373884066/O-BGAzYjcMsb5XF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e7ddadf3a760837089bfdf1a13909b070078b9e1a274ee879c2b6adc076061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:04 GMT
server
cloudflare
cf-ray
7a542c87cee8c422-EWR
content-type
image/png
aiBniovpMOomg64
icecasino.com/cdn-cgi/challenge-platform/h/g/pat/7a542c85dcb4c422/1678373884066/a9957dd2484197847ee87d41dbfb8dadcabb4a81fb041a4b0973f1074d02577a/ 		1 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://icecasino.com/cdn-cgi/challenge-platform/h/g/pat/7a542c85dcb4c422/1678373884066/a9957dd2484197847ee87d41dbfb8dadcabb4a81fb041a4b0973f1074d02577a/aiBniovpMOomg64
Requested by
Host: montblanc.lebork.pl
URL: http://montblanc.lebork.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:04 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gqZV90khBl4R-6H1B2_uNrcq7SoH7BBpLCXPxB00CV3oADWljZWNhc2luby5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
server
cloudflare
cf-ray
7a542c87eefdc422-EWR
content-type
text/plain; charset=UTF-8
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
b16a732c3b02d86
icecasino.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1895832089:1678370806:_7CWfZTWtnOrcLLmClpJafRz5lCWxlkk8RChoQXNWvQ/7a542c85dcb4c422/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://icecasino.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1895832089:1678370806:_7CWfZTWtnOrcLLmClpJafRz5lCWxlkk8RChoQXNWvQ/7a542c85dcb4c422/b16a732c3b02d86
Requested by
Host: icecasino.com
URL: https://icecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7a542c85dcb4c422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec47bad77a89db2301cc766680d029584334314e378126457043ed807e9d7238

Request headers

Referer
https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
b16a732c3b02d86
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 14:58:05 GMT
content-encoding
br
cf_chl_gen
Sg7znHGV0IYVdADMru8dPz9It7cMzW7Nh9eIvVabJ6w=$MUEroGorjyZaJW+f7h/zYA==
server
cloudflare
cf-ray
7a542c926996c422-EWR
content-type
text/plain; charset=UTF-8
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame A70B 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f7071ba0b392b790c5aaba4085fef6a59275ab577d948069d1fb8738e393f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7a542c92a8ea43c1-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 14:58:05 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
truncated
/ 		187 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame A70B 		149 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a542c92a8ea43c1
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77d9270abcd2cf438be67b12a41c4797cc77d7215defafac0bc19affe6ad915

Request headers

accept-language
en-US,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:06 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7a542c93ca3a43c1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
194b84e9be43fe3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1108849825:1678371171:JiwTVQGFysuJZtd23w54r8sfbzFVjKbHcQ-YX5tXA2g/7a542c92a8ea43c1/ Frame A70B 		92 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1108849825:1678371171:JiwTVQGFysuJZtd23w54r8sfbzFVjKbHcQ-YX5tXA2g/7a542c92a8ea43c1/194b84e9be43fe3
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a542c92a8ea43c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d27ae32017cc5b251312a5670904a96895fbbe7ae071f797dd022f8823a76bd

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
194b84e9be43fe3
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 14:58:06 GMT
content-encoding
br
cf_chl_gen
vjKWhidSbGeg3s78QCLBd0K2G+TYZhxTAkg2RTa1LvC/qWyw11gTRNEhZqOHSq75+fwRnUYIEjlGNUgqVs5bpyVQ5XVyF7TD/AlQXNHjRr5a2eE1ttn9c0nzu8sZHbs7foOXGy/HUFaKnNA4SKrUqOW9dsFJoNdilyx57EKM2+yodEaEz3+hWQAbf2zqt2t1ZOdLFQsan+ylUjAeiZVzQ4WLyy7ys0EGXq7Sqkz5NjnmxZWKUamiAeWiIALWGnRtjQ+HsLMSALCs1DQMQupxeC82wh9g4PRpwilO6MZI4xraHLf2ImQY0ayNT9J3aZ0y$3nwvfk+dOUvf+HT3A847Yw==
server
cloudflare
cf-ray
7a542c94bb6143c1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
LkXHWagIs0LQe8l
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a542c92a8ea43c1/1678373886208/ Frame A70B 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a542c92a8ea43c1/1678373886208/LkXHWagIs0LQe8l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dbec6391afcd3c3b5bbac2cee0d2d11891921625c69ed493d4b4d620a6b1dd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:07 GMT
server
cloudflare
cf-ray
7a542c9cde4043c1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
lx_h9XwXVvJAfib
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a542c92a8ea43c1/1678373886208/945b29698c81058fcea637c3ec7857b5d937561b5dcb9ea678948a0179c009e4/ Frame A70B 		1 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a542c92a8ea43c1/1678373886208/945b29698c81058fcea637c3ec7857b5d937561b5dcb9ea678948a0179c009e4/lx_h9XwXVvJAfib
Requested by
Host: montblanc.lebork.pl
URL: http://montblanc.lebork.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:58:07 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20glFspaYyBBY_OpjfD7HhXtdk3Vhtdy56meJSKAXnACeQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
server
cloudflare
cf-ray
7a542c9d0e7d43c1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
194b84e9be43fe3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1108849825:1678371171:JiwTVQGFysuJZtd23w54r8sfbzFVjKbHcQ-YX5tXA2g/7a542c92a8ea43c1/ Frame A70B 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1108849825:1678371171:JiwTVQGFysuJZtd23w54r8sfbzFVjKbHcQ-YX5tXA2g/7a542c92a8ea43c1/194b84e9be43fe3
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a542c92a8ea43c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b1e67f09da638cecf58bb9900a97aea9e18ce8b6e637d56b76ce0d45771edb

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ww4sj/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
194b84e9be43fe3
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 14:58:08 GMT
content-encoding
br
cf_chl_gen
PLojXj5q7jeVLOIOJPpukdKHHIPJbYh7xT6S+tASs+4=$OjEkAah7O5yrwSfk8b1kBg==
server
cloudflare
cf-ray
7a542ca04a7143c1-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| SHA256 function| sendRequest function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| _cf_chl_turnstile_l function| __cf_md5 object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _

15 Cookies

Domain/Path Name / Value
montblanc.lebork.pl/ Name: PHPSESSID
Value: b556f43a655b9e6c5e66c2fd3d3a8d13
montblanc.lebork.pl/ Name: locale
Value: en_US
t2775.am-track.pl/ Name: PHPSESSID
Value: 8f6a497ecd3d77c3304fb0dee2215de6
t2775.am-track.pl/ Name: locale
Value: en_US
.t.co/ Name: muc
Value: c0da4432-55bd-4066-8d05-b6cd1381c4ff
.t.co/ Name: muc_ads
Value: c0da4432-55bd-4066-8d05-b6cd1381c4ff
tarenived.com/ Name: _HGAU
Value: 7560dd42-eecb-481a-b966-3768f021dd9f
tarenived.com/ Name: vst_cnt_18218
Value: 1
ratanygaimiaheo.com/ Name: promouuid
Value: ad7348b0a234b026a23f1fa3dba064989c4ba15c
ratanygaimiaheo.com/ Name: 336e3fa1070f5be016af46c51d3d2e55
Value: 1
ratanygaimiaheo.com/ Name: bl
Value: 1
ratanygaimiaheo.com/ Name: bic
Value: 1
ratanygaimiaheo.com/ Name: bct
Value: 0
ratanygaimiaheo.com/ Name: ch
Value: d346cc8abb0d218f24e1a5c50a2d58d8
icecasino.com/ Name: cf_chl_2
Value: b16a732c3b02d86

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://icecasino.com/en/register?atp=&goto=sitereg&click_id=ca1&plid=12821&bnid=26798&lang=en&cc=US&ref=mb_BQAVMgAArmgAALwbAAA.2023-03.09&uuid=ad7348b0a234b026a23f1fa3dba064989c4ba15c#!/auth/register
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://icecasino.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://icecasino.com/cdn-cgi/challenge-platform/h/g/pat/7a542c85dcb4c422/1678373884066/a9957dd2484197847ee87d41dbfb8dadcabb4a81fb041a4b0973f1074d02577a/aiBniovpMOomg64
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a542c92a8ea43c1/1678373886208/945b29698c81058fcea637c3ec7857b5d937561b5dcb9ea678948a0179c009e4/lx_h9XwXVvJAfib
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
icecasino.com
montblanc.lebork.pl
ratanygaimiaheo.com
t.co
t2775.am-track.pl
tarenived.com
104.244.42.5
185.253.212.10
185.253.212.22
2606:4700::6812:7b9
2a06:9ac0:776:9319:3dd0:6e7f:8fc4:251d
2a07:180:7c7:27f1:ca5d:d0c6:6b3a:3604
2a07:180:c6:e81e:6be5:d06:144a:3079
0a8fd792db45f6d5c2f3bb383b931fbdc61b483d2d9be455d62e11a4357f93e5
2558dadcc47d2d1cb4774837f7b85f39de6ea921110fcc59226f0c5212ce2d03
39e7ddadf3a760837089bfdf1a13909b070078b9e1a274ee879c2b6adc076061
4046c7db785c6e930ce902576814ce0dffd104bdca83bf48b103bb5d111ddbba
4d27ae32017cc5b251312a5670904a96895fbbe7ae071f797dd022f8823a76bd
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
58e5932169fa08554afe95d40cf0dd380c2b39e1192c3d3002dadd92b462bae1
5dbec6391afcd3c3b5bbac2cee0d2d11891921625c69ed493d4b4d620a6b1dd4
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
73361de96cfda242a1d7e9ff925b7c7e25be673bbd8fb5805060c45fcbfa03cd
81b1e67f09da638cecf58bb9900a97aea9e18ce8b6e637d56b76ce0d45771edb
902d3e32bf55e1d22b78847bb7057f92e9c0cfa10a3fb6b2a2aa45dde289a109
9b0a319083645e85092392e64b184029a262c071debd8abe3a8da8bdf8ef3e4c
d7f7071ba0b392b790c5aaba4085fef6a59275ab577d948069d1fb8738e393f8
d93fde5e60b978e41a9e9204bbc093fb467392fa1183b75a803aa1e011ca68a6
e31f8e72213757385a19d7209cacd13de382b710e5d53f061323f57a0318c567
e77d9270abcd2cf438be67b12a41c4797cc77d7215defafac0bc19affe6ad915
ec47bad77a89db2301cc766680d029584334314e378126457043ed807e9d7238
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b
f7dbac72aa14dc676a6de7d11b97cf7805c63039e6aad05e92785bd618d9ed21
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa