urlscan.io logo urlscan.io
SecurityTrails logo

legitlaro.com Open in urlscan Pro
149.104.161.95  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://legitcasino.ph/wow-jili/
Effective URL: https://legitlaro.com/wow-jili/
Submission Tags: @phish_report
Submission: On July 31 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 32 HTTP transactions. The main IP is 149.104.161.95, located in Hong Kong, Hong Kong and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is legitlaro.com.
TLS certificate: Issued by R10 on July 15th 2024. Valid for: 3 months.
This is the only time legitlaro.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
5 8 172.67.182.58 13335 (CLOUDFLAR...)
1 23 149.104.161.95 140224 (SGPL-AS-A...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
32 7
8    172.67.182.58 (United States)

ASN13335 (CLOUDFLARENET, US)
legitcasino.ph
23    149.104.161.95 (Hong Kong, Hong Kong)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)
legitlaro.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
23 legitlaro.com
legitlaro.com
517 KB
8 legitcasino.ph
legitcasino.ph
9 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
160 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
32 6
Domain Requested by
23 legitlaro.com 1 redirects legitlaro.com
8 legitcasino.ph 5 redirects legitcasino.ph
2 www.facebook.com
2 www.googletagmanager.com legitcasino.ph
legitlaro.com
2 connect.facebook.net legitcasino.ph
connect.facebook.net
1 region1.google-analytics.com www.googletagmanager.com
32 6
Subject Issuer Validity Valid
legitcasino.ph
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
legitlaro.com
R10		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://legitlaro.com/wow-jili/
Frame ID: 6014C5A667D3DBD34751882BA1DC885E
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WOW Jili | Hit the Jackpot Faster! ₱999 Welcome Bonus!

Page URL History Show full URLs

  1. https://legitcasino.ph/wow-jili/ Page URL
  2. https://legitcasino.ph/cdn-cgi/phish-bypass?atok=PWQ8c5bLLRoSAUBOAFm2jvED6mjiCDwdl1OC2ptuytY-172240... HTTP 301
    https://legitcasino.ph/wow-jili/ HTTP 301
    https://legitlaro.com/wow-jili/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

32
Requests

91 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

759 kB
Transfer

2249 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://legitcasino.ph/wow-jili/ Page URL
  2. https://legitcasino.ph/cdn-cgi/phish-bypass?atok=PWQ8c5bLLRoSAUBOAFm2jvED6mjiCDwdl1OC2ptuytY-1722407053-0.0.1.1-%2Fwow-jili%2F HTTP 301
    https://legitcasino.ph/wow-jili/ HTTP 301
    https://legitlaro.com/wow-jili/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://legitcasino.ph/favicon.ico HTTP 301
  • https://legitlaro.com/favicon.ico HTTP 302
  • https://legitlaro.com/wp-content/uploads/2023/05/cropped-Legit-Casino-Ph-Favicon-32x32.png
Request Chain 10
  • https://legitcasino.ph/wp-content/uploads/2024/01/WOW.png HTTP 301
  • https://legitlaro.com/wp-content/uploads/2024/01/WOW.png
Request Chain 11
  • https://legitcasino.ph/wp-content/uploads/2023/10/Bonus-2-1024x536.jpg HTTP 301
  • https://legitlaro.com/wp-content/uploads/2023/10/Bonus-2-1024x536.jpg

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
legitcasino.ph/wow-jili/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://legitcasino.ph/wow-jili/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3a0a6faba3792a533e319980c8dde1bd52d9660eaea962fe8840bd9c0a70af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-ray
8abb81125e1c77bc-KBP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 06:24:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8riTbndPeWy6m5sKRXoPR6iNvaMpTXRtzz%2FELCICRlIM7S4%2F2S9XmqUlb5YXg1fGqFY7QtVIUFCjzx2RDGNieLd3lFYxmMtXzzgjpXk3vK1%2B20pmVM4At79zaY10cdbbxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
legitcasino.ph/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legitcasino.ph/cdn-cgi/styles/cf.errors.css
Requested by
Host: legitcasino.ph
URL: https://legitcasino.ph/wow-jili/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://legitcasino.ph/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2024 16:34:40 GMT
server
cloudflare
etag
W/"669fdba0-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8abb8113a92977bc-KBP
expires
Wed, 31 Jul 2024 08:24:13 GMT
icon-exclamation.png
legitcasino.ph/cdn-cgi/images/ 		452 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legitcasino.ph/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: legitcasino.ph
URL: https://legitcasino.ph/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://legitcasino.ph/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2024 16:34:40 GMT
server
cloudflare
etag
"669fdba0-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8abb811419eb77bc-KBP
content-length
452
expires
Wed, 31 Jul 2024 08:24:13 GMT
cropped-Legit-Casino-Ph-Favicon-32x32.png
legitlaro.com/wp-content/uploads/2023/05/
Redirect Chain
  • https://legitcasino.ph/favicon.ico
  • https://legitlaro.com/favicon.ico
  • https://legitlaro.com/wp-content/uploads/2023/05/cropped-Legit-Casino-Ph-Favicon-32x32.png
924 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/uploads/2023/05/cropped-Legit-Casino-Ph-Favicon-32x32.png
Protocol
H2
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://legitcasino.ph/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:16 GMT
last-modified
Sun, 21 May 2023 11:38:07 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
924
expires
Thu, 28 Nov 2024 06:24:16 GMT

Redirect headers

date
Wed, 31 Jul 2024 06:24:13 GMT
server
Apache
x-redirect-by
WordPress
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://legitlaro.com/wp-content/uploads/2023/05/cropped-Legit-Casino-Ph-Favicon-32x32.png
cache-control
max-age=0
link
<https://legitlaro.com/wp-json/>; rel="https://api.w.org/"
content-length
0
expires
Wed, 31 Jul 2024 06:24:13 GMT
Primary Request /
legitlaro.com/wow-jili/
Redirect Chain
  • https://legitcasino.ph/cdn-cgi/phish-bypass?atok=PWQ8c5bLLRoSAUBOAFm2jvED6mjiCDwdl1OC2ptuytY-1722407053-0.0.1.1-%2Fwow-jili%2F
  • https://legitcasino.ph/wow-jili/
  • https://legitlaro.com/wow-jili/
562 KB
91 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
90437c9e67ce5c7a5e80545bd80095b7b31fdebf8937c68cf3f4e425a3e548d8

Request headers

Referer
https://legitcasino.ph/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 06:24:17 GMT
expires
Wed, 31 Jul 2024 06:24:17 GMT
last-modified
Wed, 31 Jul 2024 06:24:09 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8abb812dd8f477bc-KBP
content-type
text/html; charset=iso-8859-1
date
Wed, 31 Jul 2024 06:24:18 GMT
location
https://legitlaro.com/wow-jili/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBchHjfERpzE4k20PsHNki7saLEfC23FUOHFqr41MQLC5RbKuhog6VE30UrLQglKoA2NM%2FpLdeg9BnsMGwPPoWV%2FSxFh5vGbj45Eg55Cw1bqYYh%2BHtigUWgAqKvmfVHe6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
elementskit.woff
legitlaro.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/ 		448 KB
249 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
c1a14078be47bd4e4cf5ba42f7ebc1000a6ae1bfc084f1c7e6132f49823ed038

Request headers

Referer
https://legitlaro.com/wow-jili/
Origin
https://legitlaro.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:18 GMT
content-encoding
gzip
last-modified
Sat, 27 Jul 2024 18:36:17 GMT
server
Apache
vary
Accept-Encoding
content-type
font/woff
cache-control
max-age=10368000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 06:24:18 GMT
WOW.png
legitlaro.com/wp-content/uploads/2024/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legitlaro.com/wp-content/uploads/2024/01/WOW.png
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
89e70633da31286f0914cdaa36bd9012374e26c7281d60783311f8587a8a4cd4

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:18 GMT
last-modified
Tue, 09 Jan 2024 01:46:24 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
7225
expires
Thu, 28 Nov 2024 06:24:18 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
349f72a6e1ab7c6ae7a69370a1e34cf5b980c70988d91c01bc4a37ba514b4958

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Bonus-2-1024x536.jpg
legitlaro.com/wp-content/uploads/2023/10/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legitlaro.com/wp-content/uploads/2023/10/Bonus-2-1024x536.jpg
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
9ccbdcd372637897425df6ac4be1c404f9eb051aaaa900bd6bf935fa0f014106

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:18 GMT
last-modified
Tue, 31 Oct 2023 05:13:43 GMT
server
Apache
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
66401
expires
Thu, 28 Nov 2024 06:24:18 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d72ce7d33a00d972f0db6ac52f4f332d7f531c88071cfc437a519e69f5b2f535

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
lazyload.min.js
legitlaro.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:19 GMT
content-encoding
gzip
last-modified
Wed, 31 Jul 2024 00:45:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3053
expires
Thu, 31 Jul 2025 06:24:19 GMT
WOW.png
legitlaro.com/wp-content/uploads/2024/01/
Redirect Chain
  • https://legitcasino.ph/wp-content/uploads/2024/01/WOW.png
  • https://legitlaro.com/wp-content/uploads/2024/01/WOW.png
7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legitlaro.com/wp-content/uploads/2024/01/WOW.png
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
89e70633da31286f0914cdaa36bd9012374e26c7281d60783311f8587a8a4cd4

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:18 GMT
last-modified
Tue, 09 Jan 2024 01:46:24 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
7225
expires
Thu, 28 Nov 2024 06:24:18 GMT

Redirect headers

date
Wed, 31 Jul 2024 06:24:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSs0Gqf6YNULU%2F4RRtacBEsa3i%2BbcH%2BXZMvX2zqi%2Fg5Xxijo8aokH%2FVcjEO8Iohr36Q5bkHrGPCuJj5Yu3O8Z8bn2d%2F%2F2P8Mo%2BzIZLi%2B%2B8ljN0TPGY77S0KVxQKc5%2FBP9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://legitlaro.com/wp-content/uploads/2024/01/WOW.png
cache-control
max-age=14400
cf-ray
8abb813f0c5e3552-WAW
alt-svc
h3=":443"; ma=86400
Bonus-2-1024x536.jpg
legitlaro.com/wp-content/uploads/2023/10/
Redirect Chain
  • https://legitcasino.ph/wp-content/uploads/2023/10/Bonus-2-1024x536.jpg
  • https://legitlaro.com/wp-content/uploads/2023/10/Bonus-2-1024x536.jpg
65 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legitlaro.com/wp-content/uploads/2023/10/Bonus-2-1024x536.jpg
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
9ccbdcd372637897425df6ac4be1c404f9eb051aaaa900bd6bf935fa0f014106

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:18 GMT
last-modified
Tue, 31 Oct 2023 05:13:43 GMT
server
Apache
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
66401
expires
Thu, 28 Nov 2024 06:24:18 GMT

Redirect headers

date
Wed, 31 Jul 2024 06:24:21 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3HNrEiXc7HgMsyMZBEi%2FM%2Fp7YyoNZRw4Q%2FYO6mQ1%2FvusAkkBsWHJQhPuNayQqbu7srdwkz%2Bhnxur2d%2FDYGdpOhcYcrGm8iW1ZlWW9zNaAxHHK2U377ka78q6HHIQsUTOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://legitlaro.com/wp-content/uploads/2023/10/Bonus-2-1024x536.jpg
cache-control
max-age=14400
cf-ray
8abb813f0c5f3552-WAW
alt-svc
h3=":443"; ma=86400
jquery.min.js
legitlaro.com/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 14:50:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
30368
expires
Thu, 31 Jul 2025 06:24:20 GMT
jquery-migrate.min.js
legitlaro.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Wed, 27 Sep 2023 11:00:29 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4872
expires
Thu, 31 Jul 2025 06:24:20 GMT
imagesloaded.min.js
legitlaro.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 14:50:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1803
expires
Thu, 31 Jul 2025 06:24:20 GMT
masonry.min.js
legitlaro.com/wp-includes/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7382
expires
Thu, 31 Jul 2025 06:24:20 GMT
ticker.min.js
legitlaro.com/wp-content/plugins/blog-designer/public/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/blog-designer/public/js/ticker.min.js?ver=1.0
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
4a217e3ef88e6768b6cdbe27f25d598ae20fcede7d690ecafb6b8552fcda940d

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 06:36:09 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1707
expires
Thu, 31 Jul 2025 06:24:20 GMT
designer.js
legitlaro.com/wp-content/plugins/blog-designer/public/js/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/blog-designer/public/js/designer.js?ver=1.0
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
f493a23a02991f2b8ef6d1be31ecdced4b15cf6801102e623457d1e58cc9b00a

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 06:36:09 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2286
expires
Thu, 31 Jul 2025 06:24:20 GMT
eb-blocks-localize.js
legitlaro.com/wp-content/plugins/essential-blocks/assets/js/ 		0
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/essential-blocks/assets/js/eb-blocks-localize.js?ver=4.8.3
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
last-modified
Sat, 27 Jul 2024 18:36:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
0
expires
Thu, 31 Jul 2025 06:24:20 GMT
frontend.min.js
legitlaro.com/wp-content/themes/astra/assets/js/minified/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.6.11
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 09:39:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5123
expires
Thu, 31 Jul 2025 06:24:20 GMT
sticky-block.min.js
legitlaro.com/wp-content/plugins/sticky-block/dist/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/sticky-block/dist/sticky-block.min.js?ver=1.0
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
24b61c66c5fd6291aa5a39ac2145a58a114f6dc15dff7ddff8168e9090d55916

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 19:55:59 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1360
expires
Thu, 31 Jul 2025 06:24:20 GMT
frontend-script.js
legitlaro.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 		40 B
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=3.2.3
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
last-modified
Sat, 27 Jul 2024 18:36:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
40
expires
Thu, 31 Jul 2025 06:24:20 GMT
widget-scripts.js
legitlaro.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 		134 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=3.2.3
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
03ca8c38633872b885f1e54e729c4597da2f1c52d06f9a5289ddda7ca3a9930c

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Sat, 27 Jul 2024 18:36:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
41664
expires
Thu, 31 Jul 2025 06:24:20 GMT
general.min.js
legitlaro.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.27
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
3c8654b979edf834bc0959a6738de068f5098fef9946017e6a7fcf25db34121a

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Tue, 16 Jul 2024 18:36:20 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3720
expires
Thu, 31 Jul 2025 06:24:20 GMT
eb-animation-load.js
legitlaro.com/wp-content/plugins/essential-blocks/assets/js/ 		3 KB
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/plugins/essential-blocks/assets/js/eb-animation-load.js?ver=4.8.3
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
cd295c52a9887bd4dd9963a7254102cce4170b3979167625590f231a0534d9c2

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
content-encoding
gzip
last-modified
Sat, 27 Jul 2024 18:36:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
851
expires
Thu, 31 Jul 2025 06:24:20 GMT
cropped-Legit-Casino-Ph-Favicon-32x32.png
legitlaro.com/wp-content/uploads/2023/05/ 		924 B
1003 B 		Other
General
Check archive.org
Download Go to
Full URL
https://legitlaro.com/wp-content/uploads/2023/05/cropped-Legit-Casino-Ph-Favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.104.161.95 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
Apache /
Resource Hash
a2cd94399696f92ae2397b15fcaad6329042183b4d1cdc0406583bd0a0a9f6ca

Request headers

Referer
https://legitlaro.com/wow-jili/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:20 GMT
last-modified
Sun, 21 May 2023 11:38:07 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
924
expires
Thu, 28 Nov 2024 06:24:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: legitcasino.ph
URL: https://legitcasino.ph/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 06:24:22 GMT
document-policy
force-load-at-top
x-fb-server-load
17
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=12, mss=1368, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
cDc+ctTPucKd1EvV+u9a1UbS44J6RjjmjapKjaOOyKmgSpLpXw48C2wCeyb86D5hCOoSoCnH977T9Msh7iO00g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLV8B8H6
Requested by
Host: legitcasino.ph
URL: https://legitcasino.ph/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca0722051e47b12717308c2837c3799ef81d5529c43945e27f49d46d9cee74c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66106
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 06:24:22 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JKXRLP6SWS
Requested by
Host: legitlaro.com
URL: https://legitlaro.com/wow-jili/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cee164329ad749280891f6433268eb318c8be4c0dfa022ec2d8429308774675e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 06:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 06:24:22 GMT
1464690764451671
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1464690764451671?v=2.9.162&r=stable&domain=legitlaro.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7067baefc9d74016e0ea8977d5bf419ae73cce7e1f3eb9909796b4bac05426b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 06:24:22 GMT
document-policy
force-load-at-top
x-fb-server-load
36
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=66, rtx=0, c=63, mss=1368, tbw=64201, tp=-1, tpl=-1, uplat=159, ullat=0
pragma
public
x-fb-debug
vZ23XimJHjxsLgpoLMXCR9jzNk0vaC+HggABQyKYKlW5qiKohT4mFnJG5Spavzwq16Af68L3XktgK5/EO5RGIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JKXRLP6SWS&gtm=45je47t0v894159090za200&_p=1722407062011&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1348990142.1722407063&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722407062&sct=1&seg=0&dl=https%3A%2F%2Flegitlaro.com%2Fwow-jili%2F&dr=https%3A%2F%2Flegitcasino.ph%2F&dt=WOW%20Jili%20%7C%20Hit%20the%20Jackpot%20Faster!%20%E2%82%B1999%20Welcome%20Bonus!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5060
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JKXRLP6SWS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 06:24:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://legitlaro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1464690764451671&ev=PageView&dl=https%3A%2F%2Flegitlaro.com%2Fwow-jili%2F&rl=https%3A%2F%2Flegitcasino.ph%2F&if=false&ts=1722407062617&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722407062615.814784095974576121&ler=other&cdl=API_unavailable&it=1722407062366&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1368, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 06:24:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1464690764451671&ev=PageView&dl=https%3A%2F%2Flegitlaro.com%2Fwow-jili%2F&rl=https%3A%2F%2Flegitcasino.ph%2F&if=false&ts=1722407062617&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722407062615.814784095974576121&ler=other&cdl=API_unavailable&it=1722407062366&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://legitlaro.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 31 Jul 2024 06:24:22 GMT
document-policy
force-load-at-top
x-fb-server-load
18
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397682003697961949", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1368, tbw=3093, tp=-1, tpl=-1, uplat=172, ullat=0
pragma
no-cache
x-fb-debug
XXpap6/wh+1gK+yb8hewFLAFZrNvEj5femL1Jy2fZFtE1bg7gSTJupMHAgdBNCiYsqZ6F/u6hJPXS3MXGp4CLQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397682003697961949"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpmeteor object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| LazyLoad object| images object| iframes object| rocket_lazy string| ajaxurl function| jQuery function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| bdp_load_more_ajax function| bd_get_boxy_clean_height function| wpspw_pro_post_ticker_init function| gtag object| dataLayer function| fbq function| _fbq object| eb_conditional_localize object| EssentialBlocksLocalize object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| rocket_lazyload_css_data object| elementskit object| localize object| ea function| isInViewport function| replaceAnimationClasses function| ebAnimationwaitForElement object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
.legitcasino.ph/ Name: __cf_mw_byp
Value: PWQ8c5bLLRoSAUBOAFm2jvED6mjiCDwdl1OC2ptuytY-1722407053-0.0.1.1-/wow-jili/
.legitlaro.com/ Name: _ga_JKXRLP6SWS
Value: GS1.1.1722407062.1.0.1722407062.0.0.0
.legitlaro.com/ Name: _ga
Value: GA1.1.1348990142.1722407063
.legitlaro.com/ Name: _fbp
Value: fb.1.1722407062615.814784095974576121

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
legitcasino.ph
legitlaro.com
region1.google-analytics.com
www.facebook.com
www.googletagmanager.com
149.104.161.95
172.67.182.58
2001:4860:4802:32::36
2a00:1450:4001:813::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
03ca8c38633872b885f1e54e729c4597da2f1c52d06f9a5289ddda7ca3a9930c
24b61c66c5fd6291aa5a39ac2145a58a114f6dc15dff7ddff8168e9090d55916
349f72a6e1ab7c6ae7a69370a1e34cf5b980c70988d91c01bc4a37ba514b4958
3c8654b979edf834bc0959a6738de068f5098fef9946017e6a7fcf25db34121a
4a217e3ef88e6768b6cdbe27f25d598ae20fcede7d690ecafb6b8552fcda940d
4d3a0a6faba3792a533e319980c8dde1bd52d9660eaea962fe8840bd9c0a70af
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
89e70633da31286f0914cdaa36bd9012374e26c7281d60783311f8587a8a4cd4
90437c9e67ce5c7a5e80545bd80095b7b31fdebf8937c68cf3f4e425a3e548d8
9ccbdcd372637897425df6ac4be1c404f9eb051aaaa900bd6bf935fa0f014106
a2cd94399696f92ae2397b15fcaad6329042183b4d1cdc0406583bd0a0a9f6ca
a7067baefc9d74016e0ea8977d5bf419ae73cce7e1f3eb9909796b4bac05426b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a
c1a14078be47bd4e4cf5ba42f7ebc1000a6ae1bfc084f1c7e6132f49823ed038
ca0722051e47b12717308c2837c3799ef81d5529c43945e27f49d46d9cee74c9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd295c52a9887bd4dd9963a7254102cce4170b3979167625590f231a0534d9c2
cee164329ad749280891f6433268eb318c8be4c0dfa022ec2d8429308774675e
d72ce7d33a00d972f0db6ac52f4f332d7f531c88071cfc437a519e69f5b2f535
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f493a23a02991f2b8ef6d1be31ecdced4b15cf6801102e623457d1e58cc9b00a