URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Submission: On April 07 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 19 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is hotsimulator.com. The Cisco Umbrella rank of the primary domain is 386597.
TLS certificate: Issued by R3 on March 28th 2022. Valid for: 3 months.
This is the only time hotsimulator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
8 bangready.com | cdn2.bangready.com (Cisco Umbrella Rank: 352217), bangready.com (Cisco Umbrella Rank: 348913) | 743 KB
3 gstatic.com | fonts.gstatic.com | 24 KB
1 google.de | www.google.de (Cisco Umbrella Rank: 5383) | 548 B
1 google.com | www.google.com (Cisco Umbrella Rank: 4) | 548 B
1 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 40) | 2 KB
1 googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 104) | 15 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 647) | 30 KB
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 71) | 55 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 46) | 1 KB
1 hotsimulator.com | hotsimulator.com (Cisco Umbrella Rank: 386597) | 12 KB
19 10
Domain Requested by
7 cdn2.bangready.com hotsimulator.com
3 fonts.gstatic.com fonts.googleapis.com
1 www.google.de hotsimulator.com
1 www.google.com hotsimulator.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 code.jquery.com hotsimulator.com
1 bangready.com hotsimulator.com
1 www.googletagmanager.com hotsimulator.com
1 fonts.googleapis.com hotsimulator.com
1 hotsimulator.com
19 11

This site contains no links.

Subject | Issuer | Validity | Valid
hotsimulator.com | R3 | 2022-03-28 - 2022-06-26 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
cdn2.bangready.com | R3 | 2022-03-11 - 2022-06-09 | 3 months
bangready.com | R3 | 2022-04-03 - 2022-07-02 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.gstatic.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
www.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
www.google.de | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months

This page contains 1 frame:

Primary Page: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Frame ID: 49C8A0A69D95C9EEBFA021158588BE7D
Requests: 19 HTTP requests in this frame

Page Title

Hot Simulator - Kostenlose Registrierung

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+id="frm-

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 70 %
Domains: 10
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 883 kB
Size: 1091 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hotsimulator.com/eflow/
46 KB
12 KB
Document
General
Full URL
https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
64a53b06de0869fb99fa3ee7a7142b9dfd1600dd696baa339e9e5e4af8f5bff7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
12185
content-type
text/html; charset=UTF-8
date
Thu, 07 Apr 2022 21:51:32 GMT
expires
Sat, 2 Aug 1980 15:15:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-hw
1649368292.cds284.lo4.hn,1649368292.cds226.lo4.sc,1649368292.cds226.lo4.p
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
268b5f3d412ca5556d9a47ffa3ae6ae8e72c9f980cf3a3e8ad4a08d0917e2cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 20:58:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 07 Apr 2022 21:51:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Apr 2022 21:51:32 GMT
js
www.googletagmanager.com/gtag/
147 KB
55 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-937505057
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bda51ca4c017b638c42587ba4d6f001bb31be66f03c47938b0d8e177e24ead95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56047
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Apr 2022 21:51:32 GMT
5-fast.gif
cdn2.bangready.com/e-flow/images/connecting/
16 KB
17 KB
Image
General
Full URL
https://cdn2.bangready.com/e-flow/images/connecting/5-fast.gif
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache /
Resource Hash
5fe7d06ff80f75299148fbb960ce8963ed065e5ecac900bbd11b8a5ad50a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
last-modified
Sun, 27 Feb 2022 14:21:07 GMT
server
Apache
etag
"1645971667"
x-hw
1649368292.cds290.lo4.hn,1649368292.cds282.lo4.c
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2797200, public
accept-ranges
bytes
content-length
16846
random.svg
bangready.com/
699 B
641 B
Image
General
Full URL
https://bangready.com/random.svg
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
ccdcda7243fbdc0102cd930d48e2bb893af0f4ac99f6b8ebb544a1c36ec16e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 23:16:53 GMT
server
Apache
etag
"1644967013"
x-hw
1649368292.cds229.lo4.hn,1649368292.cds007.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
462
esrb.png
cdn2.bangready.com/e-flow/images/
7 KB
7 KB
Image
General
Full URL
https://cdn2.bangready.com/e-flow/images/esrb.png
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache /
Resource Hash
fdb1a4de8135dd8053f7cdc8db67bc2f28025167e843f3cc8d3c6068e4a54116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
last-modified
Fri, 25 Mar 2022 16:03:03 GMT
server
Apache
etag
"1648224183"
x-hw
1649368292.cds290.lo4.hn,1649368292.cds030.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2797200, public
accept-ranges
bytes
content-length
6932
usk.png
cdn2.bangready.com/e-flow/images/
9 KB
9 KB
Image
General
Full URL
https://cdn2.bangready.com/e-flow/images/usk.png
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache /
Resource Hash
1b68bea0b4c738cc760d87f0e154392d4e18c28e3d0e911657532444a91833e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
last-modified
Fri, 25 Mar 2022 16:03:02 GMT
server
Apache
etag
"1648224182"
x-hw
1649368292.cds290.lo4.hn,1649368292.cds090.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2797200, public
accept-ranges
bytes
content-length
8786
pegi.png
cdn2.bangready.com/e-flow/images/
5 KB
5 KB
Image
General
Full URL
https://cdn2.bangready.com/e-flow/images/pegi.png
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache /
Resource Hash
9dd5f49c0cc16375e2d5b935bdeea61acca160fd5a21c8a7c8e2e9e52b32a88e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
last-modified
Fri, 25 Mar 2022 16:03:04 GMT
server
Apache
etag
"1648224184"
x-hw
1649368292.cds290.lo4.hn,1649368292.cds202.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2797200, public
accept-ranges
bytes
content-length
5410
nvidia-long.png
cdn2.bangready.com/video/eflow/
12 KB
12 KB
Image
General
Full URL
https://cdn2.bangready.com/video/eflow/nvidia-long.png
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache /
Resource Hash
0ad38706e391eee7e21cb5be531f7a43323b2361a1b450b7c6af66639c7e44ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
last-modified
Thu, 09 Dec 2021 21:05:36 GMT
server
Apache
etag
"1639083936"
x-hw
1649368292.cds290.lo4.hn,1649368292.cds271.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2797200, public
accept-ranges
bytes
content-length
12553
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1649368292.dop125.fr8.t,1649368292.cds202.fr8.hn,1649368292.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hotsimulator.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:30:15 GMT
x-content-type-options
nosniff
age
94877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:17:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:30:15 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hotsimulator.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 01:44:27 GMT
x-content-type-options
nosniff
age
590825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:15:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 01:44:27 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hotsimulator.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:30:15 GMT
x-content-type-options
nosniff
age
94877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:30:15 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-937505057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14886
x-xss-protection
0
server
cafe
etag
11980861724045072707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Apr 2022 21:51:32 GMT
games-sfw-bg.jpg
cdn2.bangready.com/video/
691 KB
692 KB
Image
General
Full URL
https://cdn2.bangready.com/video/games-sfw-bg.jpg
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache /
Resource Hash
219f58839e41447efecff3c60f6e8243f4d6551ecf1350f6ff53b84c619e00bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:32 GMT
last-modified
Tue, 30 Nov 2021 00:34:29 GMT
server
Apache
etag
"1638232469"
x-hw
1649368292.cds290.lo4.hn,1649368292.cds284.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2797200, public
accept-ranges
bytes
content-length
707907
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/937505057/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937505057/?random=1649368292939&cv=9&fst=1649368292939&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhotsimulator.com%2Feflow%2F%3Ft%3DEX-WHL-4776&tiba=Hot%20Simulator%20-%20Kostenlose%20Registrierung&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89be2b3aa723b258ef26f4139cefb73dd52b74d67255be24ff27d364d472fb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 21:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1067
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/937505057/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/937505057/?random=1649368292939&cv=9&fst=1649365200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhotsimulator.com%2Feflow%2F%3Ft%3DEX-WHL-4776&tiba=Hot%20Simulator%20-%20Kostenlose%20Registrierung&async=1&fmt=3&is_vtc=1&random=1289081485&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 21:51:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/937505057/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/937505057/?random=1649368292939&cv=9&fst=1649365200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhotsimulator.com%2Feflow%2F%3Ft%3DEX-WHL-4776&tiba=Hot%20Simulator%20-%20Kostenlose%20Registrierung&async=1&fmt=3&is_vtc=1&random=1289081485&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Apr 2022 21:51:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pass-DE.js
cdn2.bangready.com/passgen/
1 KB
674 B
Script
General
Full URL
https://cdn2.bangready.com/passgen/pass-DE.js
Requested by
Host: hotsimulator.com
URL: https://hotsimulator.com/eflow/?t=EX-WHL-4776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache /
Resource Hash
e90442be7d1f8ad443d4acb168724dfc610de8c0f50db4dd85d0dd92d60c62d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hotsimulator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 21:51:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 18:15:34 GMT
server
Apache
etag
"1644948934"
x-hw
1649368297.cds290.lo4.hn,1649368297.cds232.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2797200, private
accept-ranges
bytes
content-length
504

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
function| gtag
object| dataLayer
string| gtagEnabled
string| flow_track
string| flow_extra_tst_cnf
string| flow_geo
string| flow_browser_lang
string| flow_is_mobile
string| flow_bapi_destination
string| flow_bang_special_care
function| rand
function| womenInZIP
function| goToPage2
object| google_tag_manager
object| google_tag_data
function| $
function| jQuery
function| a0_0x2331
function| updateProgressBar
function| GooglemKTybQhCsO
function| google_trackConversion
object| GooglebQhCsO

3 Cookies

Domain/Path | Name | Value
hotsimulator.com/eflow/ | tVersion | T121_V3
.hotsimulator.com/ | _gcl_au | 1.1.1502394696.1649368293
.doubleclick.net/ | test_cookie | CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
