407vulkan-vegs.com Open in urlscan Pro
2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vulcanbetspins.com/
Effective URL:
https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&r...
Submission Tags: phishingrod
Submission: On October 07 via api (October 7th 2023, 3:41:38 pm UTC) from DE — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 8 countries across 17 domains to perform 79 HTTP transactions. The main IP is 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419, located in Virgin Islands (British) and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is 407vulkan-vegs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 21st 2023. Valid for: a year.

This is the only time 407vulkan-vegs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:ca51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	5.45.70.170 5.45.70.170	58061 (SCALAXY-AS) (SCALAXY-AS)
1 1	2a07:180:c6:e... 2a07:180:c6:e81e:6be5:d06:144a:3079	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 6	2a05:7880:42b... 2a05:7880:42b:1242:8d63:226:6b50:c9	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
18	2a06:9ac0:260... 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
9	2a06:9ac0:6af... 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	23.56.203.50 23.56.203.50	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.31.110.112 52.31.110.112	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.207.18 52.214.207.18	16509 (AMAZON-02) (AMAZON-02)
79	16

1 2606:4700:3035::ac43:ca51 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vulcanbetspins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.45.70.170 (Netherlands) 1 redirects

ASN58061 (SCALAXY-AS, LV)

fortuneadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a07:180:c6:e81e:6be5:d06:144a:3079 (Belize) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

tarenived.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a05:7880:42b:1242:8d63:226:6b50:c9 (Cyprus) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hntayltitrthohe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 (Virgin Islands (British))

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

407vulkan-vegs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.407vulkan-vegs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 (Virgin Islands (British))

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

widget.yhelper.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.203.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-203-50.deploy.static.akamaitechnologies.com

zz.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.110.112 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-110-112.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.207.18 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-207-18.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	407vulkan-vegs.com 407vulkan-vegs.com stat.407vulkan-vegs.com	1 MB
9	yhelper.net widget.yhelper.net — Cisco Umbrella Rank: 422519	397 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714	2 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	519 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6147	767 B
6	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	491 B
6	hntayltitrthohe.com 1 redirects hntayltitrthohe.com — Cisco Umbrella Rank: 342981	78 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	282 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	42 KB
4	bidr.io 3 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6694 match.prod.bidr.io — Cisco Umbrella Rank: 624	2 KB
3	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 542	2 KB
3	connextra.com zz.connextra.com — Cisco Umbrella Rank: 11182	17 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	53 KB
1	tarenived.com 1 redirects tarenived.com	605 B
1	fortuneadvert.com 1 redirects fortuneadvert.com	222 B
1	vulcanbetspins.com 1 redirects vulcanbetspins.com	475 B
79	17

	Domain	Requested by
17	407vulkan-vegs.com	hntayltitrthohe.com 407vulkan-vegs.com
9	widget.yhelper.net	407vulkan-vegs.com widget.yhelper.net
7	www.googletagmanager.com	407vulkan-vegs.com www.googletagmanager.com www.google-analytics.com hntayltitrthohe.com
6	www.google.de	407vulkan-vegs.com
6	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
6	hntayltitrthohe.com	1 redirects hntayltitrthohe.com
5	www.google-analytics.com	407vulkan-vegs.com www.google-analytics.com www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
4	region1.analytics.google.com	www.googletagmanager.com
4	www.google.com	407vulkan-vegs.com
3	secure.adnxs.com	1 redirects 407vulkan-vegs.com
3	zz.connextra.com	407vulkan-vegs.com zz.connextra.com
3	fonts.googleapis.com	407vulkan-vegs.com client
2	match.prod.bidr.io	2 redirects
2	segment.prod.bidr.io	1 redirects 407vulkan-vegs.com
1	www.gstatic.com	www.google.com
1	connect.facebook.net	407vulkan-vegs.com
1	stat.407vulkan-vegs.com	407vulkan-vegs.com
1	tarenived.com	1 redirects
1	fortuneadvert.com	1 redirects
1	vulcanbetspins.com	1 redirects
79	21

This site contains no links.

Subject Issuer	Validity	Valid
hntayltitrthohe.com Cloudflare Inc ECC CA-3	`2023-08-31` - `2024-08-29`	a year	crt.sh
407vulkan-vegs.com Cloudflare Inc ECC CA-3	`2023-03-21` - `2024-03-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
stat.407vulkan-vegs.com Cloudflare Inc ECC CA-3	`2023-03-21` - `2024-03-20`	a year	crt.sh
widget.yhelper.net Cloudflare Inc ECC CA-3	`2023-08-09` - `2024-08-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-17` - `2023-10-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2024-03-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Frame ID: 14E77AF893DCD2C230DCC611D01D02BC
Requests: 63 HTTP requests in this frame

Frame: https://widget.yhelper.net/iframe/
Frame ID: 1F916670DE02887DB0B72CC8C930378A
Requests: 12 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2
Frame ID: ED69F7E284D16BE071242D875F7F7B6B
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Frame ID: 5128913538DC4D27F59468A8FB506BA6
Requests: 1 HTTP requests in this frame

Frame: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1
Frame ID: ECA6197851394A962FCBED5277BA1EF7
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAHOlU7KQvgAABlFgnY4dw
Frame ID: 04D624BDEF97B8E49C4C965E4B72BDBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vulkan Vegas - Online Casino

Page URL History Show full URLs

https://vulcanbetspins.com/ HTTP 301
https://fortuneadvert.com/vulkan-vegas/?flow=2491&subid=25 HTTP 302
https://tarenived.com/12128/26806?param=350_2491_&clickid=8993153&lp=00 HTTP 302
https://hntayltitrthohe.com/vulkanvegas/p9500?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid... HTTP 302
https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=1212... Page URL
https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

79
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

21
Subdomains

16
IPs

8
Countries

2833 kB
Transfer

8231 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vulcanbetspins.com/ HTTP 301
https://fortuneadvert.com/vulkan-vegas/?flow=2491&subid=25 HTTP 302
https://tarenived.com/12128/26806?param=350_2491_&clickid=8993153&lp=00 HTTP 302
https://hntayltitrthohe.com/vulkanvegas/p9500?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE HTTP 302
https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639 Page URL
https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://vulcanbetspins.com/ HTTP 301
https://fortuneadvert.com/vulkan-vegas/?flow=2491&subid=25 HTTP 302
https://tarenived.com/12128/26806?param=350_2491_&clickid=8993153&lp=00 HTTP 302
https://hntayltitrthohe.com/vulkanvegas/p9500?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE HTTP 302
https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639

Request Chain 55

https://secure.adnxs.com/seg?add=17917235&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2

Request Chain 57

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1

Request Chain 58

https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAHOlU7KQvgAABlFgnY4dw

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

https://vulcanbetspins.com/
https://fortuneadvert.com/vulkan-vegas/?flow=2491&subid=25
https://tarenived.com/12128/26806?param=350_2491_&clickid=8993153&lp=00
https://hntayltitrthohe.com/vulkanvegas/p9500?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE
https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d...

3 KB
985 B

75ms
75ms

Document
text/html

2a05:7880:42b:1242:8d63:226:6b50:c9
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:7880:42b:1242:8d63:226:6b50:c9 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a23ec92654ba0131781169cb285a4a8a7f3af8307eba73123ef6241e41fc66b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 81273fa31dd23a6a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 15:41:29 GMT
server: cloudflare

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 81273fa26d023a6a-FRA
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 15:41:29 GMT
location: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
server: cloudflare

GET
H2 200 bundle-341220101100.min.js Show response
hntayltitrthohe.com/assets/js/ 35 KB
15 KB 39ms
38ms Script
application/javascript 2a05:7880:42b:1242:8d63:226:6b50:c9
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hntayltitrthohe.com/assets/js/bundle-341220101100.min.js
Requested by: Host: hntayltitrthohe.com
URL: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:7880:42b:1242:8d63:226:6b50:c9 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72bd990665a3e23e453cbc32142e0adc634dcf9ce65098207d7697807daa6730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 10:59:55 GMT
server: cloudflare
age: 4190
etag: W/"651bf42b-8b65"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 81273fa38ea43a6a-FRA

GET
H2 200 lm-1.0.0.min.js Show response
hntayltitrthohe.com/assets/js/ 189 B
287 B 32ms
31ms Script
application/javascript 2a05:7880:42b:1242:8d63:226:6b50:c9
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hntayltitrthohe.com/assets/js/lm-1.0.0.min.js
Requested by: Host: hntayltitrthohe.com
URL: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:7880:42b:1242:8d63:226:6b50:c9 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0405fc1f27636448050c4f267b89d9d75250af8f5eb0d0720bfafc5b64090a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 10:59:55 GMT
server: cloudflare
age: 3154
etag: W/"651bf42b-bd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 81273fa38ea93a6a-FRA

GET
H2 200 ms-1.0.3.min.js Show response
hntayltitrthohe.com/assets/js/ 817 B
455 B 38ms
37ms Script
application/javascript 2a05:7880:42b:1242:8d63:226:6b50:c9
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hntayltitrthohe.com/assets/js/ms-1.0.3.min.js
Requested by: Host: hntayltitrthohe.com
URL: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:7880:42b:1242:8d63:226:6b50:c9 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08dd5a669ddce08beff7fcd7ca5bd30984f8862ac2c2811e70b1b60209a35399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 10:59:55 GMT
server: cloudflare
age: 1519
etag: W/"651bf42b-331"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 81273fa39eac3a6a-FRA

GET
H2 200 vulkanvegas.gif
hntayltitrthohe.com/assets/img/meta-redirect/ 60 KB
61 KB 33ms
33ms Image
image/gif 2a05:7880:42b:1242:8d63:226:6b50:c9
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hntayltitrthohe.com/assets/img/meta-redirect/vulkanvegas.gif
Requested by: Host: hntayltitrthohe.com
URL: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:7880:42b:1242:8d63:226:6b50:c9 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43087b02a479d46aa3fabd0051347e89046bfff217baf485ed5e44521a48a610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 10:59:55 GMT
server: cloudflare
age: 197
etag: "651bf42b-f1b8"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81273fa3cef73a6a-FRA
content-length: 61880

GET
H2 200 blank.gif
407vulkan-vegs.com/ 43 B
553 B 149ms
65ms Image
image/gif 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://407vulkan-vegs.com/blank.gif?1696693289626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hntayltitrthohe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
x-envoy-upstream-service-time: 0
accept-ranges: bytes
cf-ray: 81273fa4b8773616-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
x-request-id: 5856b192-f1cf-4577-a72e-57d995f4a811
expires: Sat, 07 Oct 2023 19:41:29 GMT

GET
H2 200 Primary Request register Show response
407vulkan-vegs.com/de/ 60 KB
22 KB 174ms
173ms Document
text/html 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639

Requested by

Host: hntayltitrthohe.com
URL: https://hntayltitrthohe.com/assets/js/ms-1.0.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f936c796328a780b1b43e97bba3b9387a6eb7157ba0f75e6325c79b9ba7775

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://hntayltitrthohe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 81273fa529003616-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 15:41:29 GMT
link: </static/133827/assets/css/popups.css>; rel="preload"; as="style",</static/133827/assets/css/main.css>; rel="preload"; as="style",</static/133827/assets/js/main.js>; rel="preload"; as="script",</static/133827/assets/js/svg-icon-polyfill.min.js>; rel="preload"; as="script"
server: cloudflare
vary: Accept-Encoding
x-envoy-upstream-service-time: 115
x-frame-options: DENY
x-request-id: 47f297bf-f57a-4278-846e-e3b242b09180
x-upstream: 1

GET
H3 200 popups.css
407vulkan-vegs.com/static/133827/assets/css/ 59 KB
15 KB 36ms
35ms Stylesheet
text/css 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/css/popups.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b6405d166e301dbfd5d92f70b3a6191a4dad87468eca7aec52c61833f859403

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B894DB36827B7
age: 91678
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8d322e79-3e17-49f6-8157-6387b3a850b0
last-modified: Fri, 06 Oct 2023 13:52:46 GMT
server: cloudflare
etag: W/"50b7f226d47f731d2029a44abd381801"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 81273fa64a3fbbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:29 GMT

GET
H3 200 main.css
407vulkan-vegs.com/static/133827/assets/css/ 470 KB
95 KB 59ms
58ms Stylesheet
text/css 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c52c344434055538a3e655113fa40825b17138cbf5cc851c4a91e7b1c42c75

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B8921E0FBA5B8
age: 92335
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5e05c593-e2fb-4cc1-b358-c28f85f055d0
last-modified: Fri, 06 Oct 2023 13:52:46 GMT
server: cloudflare
etag: W/"35a00d3c35984aded3f377741e9cd526"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 81273fa64a43bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:29 GMT

GET
H3 200 main.js Show response
407vulkan-vegs.com/static/133827/assets/js/ 2 MB
531 KB 103ms
102ms Script
text/javascript 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9adf2536482b1c1830507b94d45b5323d11d65355b46e71bb209d5320d7cbf25

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B8920F63A1DAE
age: 92335
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fd674111-cb37-40b0-bfba-d3c64d9f9259
last-modified: Fri, 06 Oct 2023 13:52:55 GMT
server: cloudflare
etag: W/"4442d2d89bac9bcad33dfc22a1290660"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 81273fa64a46bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:29 GMT

GET
H3 200 svg-icon-polyfill.min.js Show response
407vulkan-vegs.com/static/133827/assets/js/ 1 KB
1 KB 183ms
182ms Script
text/javascript 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/js/svg-icon-polyfill.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d3683d95a29d788e711e51c505dfa9cf92dd9911611aa4e726cd0490d74ea0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:29 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B891DF6AD677E
age: 92335
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5d9bab5a-f792-4fda-a501-ba08184072d3
last-modified: Fri, 06 Oct 2023 13:52:55 GMT
server: cloudflare
etag: W/"71e1cbc5c04bbc894ad147e21203a193"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 81273fa64a48bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 91ms
33ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

790fbfefda609afb7a8018b8236dfb5647cf26320186bf3c98ff1daff951ff2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 07 Oct 2023 15:41:30 GMT

GET
H2 200 font.png
stat.407vulkan-vegs.com/ 95 B
321 B 113ms
54ms Image
image/png 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.407vulkan-vegs.com/font.png?project=vulkanvegas&uniqueId=1c736d07-cbeb-4996-acb0-00c091ee3177&isAuth=0&action=visit&refCode=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&affData=
Requested by: Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
cf-cache-status: MISS
last-modified: Sat, 07 Oct 2023 15:41:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81273fa6ac25bbe9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 95
expires: Sat, 07 Oct 2023 19:41:30 GMT

GET
H2 200 widget.js Show response
widget.yhelper.net/ 41 KB
13 KB 112ms
54ms Script
application/javascript 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f9bf88a9c9193b4f9affae05d1e201864a2b1ba7b594ece9a4fc9f3cd8955a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Saturday, 07-Oct-2023 15:41:30 UTC
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 81273fa6ade88fec-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 95ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JHCH3SH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e74d5592e9f8c44ac4d01ded86bef16f10dcfed58a73fbd8b0061a78706f76b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61462
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 15:41:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 90ms
38ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700|Open+Sans:400,600,700&subset=cyrillic

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4f9825d24a7764f6e2d4ba91718ab744a73f5fb4c879c319515d62d8f81ec9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 15:41:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 15:41:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
705 B 93ms
40ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,600,700,800&subset=latin-ext

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 15:41:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 15:41:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
92 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C5F8635B8B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JHCH3SH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab11b6ad0dd164cc0478166475110870dfb9831f2bfca87219ab4baddd8f4a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Oct 2023 15:41:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 74ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Oct 2023 15:41:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: u8TrobQQ47+PRQqUyqzoEE4QnG/xH1QVSeup2ydPRsUA7NOscEvoln7c8HduK+ZRW6hoxtP9PbSR68uaK82usQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Oct 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6708
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 07 Oct 2023 15:49:42 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 466 KB
187 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407vulkan-vegs.com/
Origin: https://407vulkan-vegs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 17:40:08 GMT

GET
H3 200 bg-desktop.webp
407vulkan-vegs.com/static/133827/assets/img/frontend/preview/ 29 KB
29 KB 32ms
32ms Image
image/webp 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://407vulkan-vegs.com/static/133827/assets/img/frontend/preview/bg-desktop.webp

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5d871950b6fd68cfe263a4704e8eb554f2b107eafed57950584cfdc13ec932

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/static/133827/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B8994CE2BD6F7
age: 92334
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 27
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a570e7c1-a6d7-4dd8-a022-7667b74ba7ce
last-modified: Fri, 06 Oct 2023 13:52:52 GMT
server: cloudflare
etag: W/"87fe072e5aac18192fe602465d416224"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/webp
cache-control: public, max-age=315360000
cf-ray: 81273fa76bfcbbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H3 200 6930.3c0639faa6f352a4c1b4.js Show response
407vulkan-vegs.com/static/133827/assets/js/chunks/ 30 KB
14 KB 30ms
30ms Script
text/javascript 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/js/chunks/6930.3c0639faa6f352a4c1b4.js

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b876c8ef40544148706e6f954cb8380e3205b867da31bb0c92828eb0937655a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B8921FF732B02
age: 92598
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6e9a47e4-26fe-4c55-83fc-9780dc6af322
last-modified: Fri, 06 Oct 2023 13:52:55 GMT
server: cloudflare
etag: W/"38222ce9728327c6915351c6795d60db"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 81273fa7ecb6bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H3 200 4528.4c5b7d2428bf486e3631.js Show response
407vulkan-vegs.com/static/133827/assets/js/chunks/ 9 KB
3 KB 36ms
36ms Script
text/javascript 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/js/chunks/4528.4c5b7d2428bf486e3631.js

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad4a189b30945f6b988a8a6ec8772603d405e81df539c6defc7fd7bec3e4cbee

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B891E26B12E22
age: 92598
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4084ff35-fff1-47f0-b366-5444d33f87fd
last-modified: Fri, 06 Oct 2023 13:52:54 GMT
server: cloudflare
etag: W/"6eacd035b125bdefa9cfa3fa7c44450e"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 81273fa7ecb7bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H3 200 2851.337797559295efbf05f5.js Show response
407vulkan-vegs.com/static/133827/assets/js/chunks/ 856 KB
272 KB 31ms
31ms Script
text/javascript 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/js/chunks/2851.337797559295efbf05f5.js

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4abe80d7198db58a172115e5246cfa560491f37d3d47d9200a03a3314d1f81ea

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B892DADF66ED9
age: 92598
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fb0447f3-d315-4034-9c51-40749391d9e8
last-modified: Fri, 06 Oct 2023 13:52:54 GMT
server: cloudflare
etag: W/"145caebeed36fdf5a9f28af1bea90b33"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 81273fa89db2bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H3 200 popup.css
407vulkan-vegs.com/static/133827/assets/css/ 58 KB
13 KB 185ms
185ms Stylesheet
text/css 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/css/popup.css?v=25fb7da94e354fd21a85

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bbc14942649210edb541d3bf32169492906c864b81ae703e6e63c3bbf0aad9a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B894B7F1C1A18
age: 92598
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 020a0923-fa7b-42b7-a50f-940f962e90bb
last-modified: Fri, 06 Oct 2023 13:52:46 GMT
server: cloudflare
etag: W/"861e6d5de21c11198c8316970ff547d7"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 81273fa89db6bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H3 200 popup.971cf0c0e1956a4c5ede.js Show response
407vulkan-vegs.com/static/133827/assets/js/chunks/ 277 KB
70 KB 45ms
45ms Script
text/javascript 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/js/chunks/popup.971cf0c0e1956a4c5ede.js

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a993559cd2a0eb2a2f6011015e41deb3915f57ff9f1552f7694c2d2617893ec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: MISS
cf-cache-status: HIT
x-amz-request-id: 178B891B3E18FCB1
age: 92598
content-encoding: gzip
x-cache: MISS
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c5d986ff-8ee9-46cc-b988-2381b69eb6bf
last-modified: Fri, 06 Oct 2023 13:52:55 GMT
server: cloudflare
etag: W/"4cb41bb22e3f5965cb96d02d205bc93b"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 81273fa89db8bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H2 200 / Show response
widget.yhelper.net/iframe/ Frame 1F91 488 B
411 B 59ms
59ms Document
text/html 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/iframe/

Requested by

Host: widget.yhelper.net
URL: https://widget.yhelper.net/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9141600ee7f2d21182cc1656b94d567d01f2f5e9a0c8d679ed15967c4ed6309

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://407vulkan-vegs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 81273faa09d78fec-FRA
content-encoding: gzip
content-type: text/html
date: Sat, 07 Oct 2023 15:41:30 GMT
last-modified: Saturday, 07-Oct-2023 15:41:30 UTC
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 29ms
29ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1902142828&t=pageview&_s=1&dl=https%3A%2F%2F407vulkan-vegs.com%2Fde%2Fregister%3Fatp%3D350_2491_%26goto%3Dsitereg%26clickid%3D8993153%26plid%3D12128%26bnid%3D26806%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491%26uuid%3D421346d08d76ffd60f6794b0d431c1e9862fb639&dr=https%3A%2F%2Fhntayltitrthohe.com%2F&ul=en-us&de=UTF-8&dt=Vulkan%20Vegas%20-%20Online%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1839360184&gjid=2069585358&cid=253099959.1696693290&tid=UA-98516105-1&_gid=1222563567.1696693290&_r=1&_slc=1&z=1518652084

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

bb630c1508d89d1dc288ef6dbcff8c766ebee31bc252e8bb9e4e971b0a7faa3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://407vulkan-vegs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 81ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C5F8635B8B&gtm=45je3a40&_p=1902142828&_gaz=1&cid=253099959.1696693290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696693290&sct=1&seg=0&dl=https%3A%2F%2F407vulkan-vegs.com%2Fde%2Fregister%3Fatp%3D350_2491_%26goto%3Dsitereg%26clickid%3D8993153%26plid%3D12128%26bnid%3D26806%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491%26uuid%3D421346d08d76ffd60f6794b0d431c1e9862fb639&dr=https%3A%2F%2Fhntayltitrthohe.com%2F&dt=Vulkan%20Vegas%20-%20Online%20Casino&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C5F8635B8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 92ms
31ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C5F8635B8B&cid=253099959.1696693290&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C5F8635B8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 118ms
65ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C5F8635B8B&cid=253099959.1696693290&gtm=45je3a40&aip=1&z=543634897

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mono.svg
407vulkan-vegs.com/static/133827/assets/img/frontend/sprites/ 169 KB
70 KB 35ms
35ms Other
image/svg+xml 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/static/133827/assets/img/frontend/sprites/mono.svg

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb25e7f2406b3abfd2a09da970aadc4b15ddaa8b89c6be7f1f61bd7b62ea7f96

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B891E1B03E4D0
age: 92597
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 96dd895c-ebfe-4d3c-a91d-622b5df80339
last-modified: Fri, 06 Oct 2023 13:52:53 GMT
server: cloudflare
etag: W/"fd05cc3606ef30e8051e5eef64419276"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 81273faa4fdcbbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H3 200 reg-bonus-bg.png
407vulkan-vegs.com/static/133827/assets/img/frontend/preview/ 128 KB
128 KB 36ms
35ms Image
image/png 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://407vulkan-vegs.com/static/133827/assets/img/frontend/preview/reg-bonus-bg.png

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/css/popup.css?v=25fb7da94e354fd21a85

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0493e4df32d506c7478c2ef58db677b836f87d373f8125142af7860d3dae1c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/static/133827/assets/css/popup.css?v=25fb7da94e354fd21a85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: MISS
cf-cache-status: HIT
x-amz-request-id: 178B8995CB643602
age: 92329
content-encoding: gzip
x-cache: MISS
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a8305595-9638-41ed-ae84-d2d43323967e
last-modified: Fri, 06 Oct 2023 13:52:52 GMT
server: cloudflare
etag: W/"bf7e1bafb72ee021e7cac852fbda51bb"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=315360000
cf-ray: 81273faaa866bbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H3 200 reg-bonus-girl.png
407vulkan-vegs.com/static/133827/assets/img/frontend/preview/ 170 KB
170 KB 54ms
54ms Image
image/png 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://407vulkan-vegs.com/static/133827/assets/img/frontend/preview/reg-bonus-girl.png

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/css/popup.css?v=25fb7da94e354fd21a85

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbcd6a8efab3c36c47c6f25a640afecf5b3855656ec782eb48066898575fd12

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/static/133827/assets/css/popup.css?v=25fb7da94e354fd21a85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: MISS
cf-cache-status: HIT
x-amz-request-id: 178B8995CB51A3BE
age: 92329
content-encoding: gzip
x-cache: MISS
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a69fa6df-1a66-4f18-a6c3-28f54785a886
last-modified: Fri, 06 Oct 2023 13:52:52 GMT
server: cloudflare
etag: W/"0d744947dbf7e47e40e874681ffa2860"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=315360000
cf-ray: 81273faaa86abbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 94ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700|Open+Sans:400,600,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://407vulkan-vegs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 163511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:16:19 GMT

GET
H2 200 regstart Show response
zz.connextra.com/dcs/tagController/tag/363d7ed38585/ 45 KB
16 KB 192ms
90ms Script
text/javascript 23.56.203.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/dcs/tagController/tag/363d7ed38585/regstart
Requested by: Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.203.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-203-50.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: 9020843d9bd02f44485f9226e59cbdd609e7dbefe6eed4bac2d798f957043276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: must-revalidate, max-age=257
x-envoy-upstream-service-time: 4
content-length: 16396
expires: Sat, 07 Oct 2023 15:45:47 GMT

GET
H3 200 eur.svg
407vulkan-vegs.com/static/133827/assets/img/frontend/currencies/ 2 KB
2 KB 49ms
48ms Image
image/svg+xml 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://407vulkan-vegs.com/static/133827/assets/img/frontend/currencies/eur.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cabbad9208580a474602d037cfffe9beaa88be3b9adbf3789a7b51f4e165aee9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178B89219DB764E7
age: 92597
content-encoding: gzip
x-cache: HIT
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 29ce80d7-6a01-434d-82ef-4fb1c2c5e6cd
last-modified: Fri, 06 Oct 2023 13:52:49 GMT
server: cloudflare
etag: W/"883f5443911ae00aa5ee96e841a762c6"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 81273faac88cbbcd-FRA
x-amz-meta-mc-attrs: atime:1696599364#0/gid:0/gname:root/mode:33188/mtime:1696599364#0/uid:0/uname:root
expires: Tue, 04 Oct 2033 15:41:30 GMT

GET
H2 200 main.2d681b2e.js Show response
widget.yhelper.net/iframe/ Frame 1F91 1 MB
354 KB 56ms
54ms Script
application/javascript 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/iframe/main.2d681b2e.js?7295617861535e3ed069

Requested by

Host: widget.yhelper.net
URL: https://widget.yhelper.net/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f85d9d8a76b3c6b693ef3c66e1fa3fcdea9e1198937dd59c3a8ea76b28f46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Saturday, 07-Oct-2023 15:41:30 UTC
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 81273faaeafc8fec-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-98516105-1&cid=253099959.1696693290&jid=1839360184&gjid=2069585358&_gid=1222563567.1696693290&_u=IEBAAEAAAAAAACAAI~&z=1673574890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://407vulkan-vegs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Oct 2023 15:41:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
85 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTGWQ6F978&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

297f9e04ff98257beb491d92f13be762d671d9c4bba13bb0c9a3186fcce2de33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Oct 2023 15:41:30 GMT

POST
H3 200 graphql Show response
407vulkan-vegs.com/ 11 KB
2 KB 177ms
177ms Fetch
application/json 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://407vulkan-vegs.com/graphql

Requested by

Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/static/133827/assets/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d520ce7a2585e9717e66796f4156514a637a2631eec35ba9446c83298f17fbba

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept: */*
X-Gc-Locale: de
Referer: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
x-upstream: 1
cache-control: private
x-envoy-upstream-service-time: 125
cf-ray: 81273faaf8d4bbcd-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 66e67ee4-2e1a-4d82-8e74-c2491a77b108

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 66ms
64ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98516105-1&cid=253099959.1696693290&jid=1839360184&_u=IEBAAEAAAAAAACAAI~&z=2032671426

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 229ms
228ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98516105-1&cid=253099959.1696693290&jid=1839360184&_u=IEBAAEAAAAAAACAAI~&z=2032671426

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 32ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZTGWQ6F978&gtm=45je3a40&_p=1902142828&_gaz=1&ul=en-us&sr=1600x1200&cid=253099959.1696693290&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2F407vulkan-vegs.com%2Fde%2Fregister%3Fatp%3D350_2491_%26goto%3Dsitereg%26clickid%3D8993153%26plid%3D12128%26bnid%3D26806%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491%26uuid%3D421346d08d76ffd60f6794b0d431c1e9862fb639&dr=https%3A%2F%2Fhntayltitrthohe.com%2F&dt=Vulkan%20Vegas%20-%20Online%20Casino&sid=1696693290&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTGWQ6F978&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 33ms
32ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZTGWQ6F978&cid=253099959.1696693290&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTGWQ6F978&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 62ms
62ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTGWQ6F978&cid=253099959.1696693290&gtm=45je3a40&aip=1&z=1406957317

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1F91 20 KB
1 KB 32ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cea644050f1a2978a6f5c44148a956d568303b6dd8f89fb71b1535e9163a0a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 15:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 15:14:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 15:41:30 GMT

GET
H2 206 4782183d.ChatIncomingInitial.wav
widget.yhelper.net/iframe/src/assets/sounds// Frame 1F91 27 KB
27 KB 42ms
42ms Media
application/octet-stream 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f61fc75704bbe219317ebe36e8dc5f1c66bebe36b1debd903ae62a5913f35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.yhelper.net/iframe/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Saturday, 07-Oct-2023 15:41:31 UTC
server: cloudflare
content-type: application/octet-stream
Content-Range: bytes 0-27563/27564
cache-control: no-store, no-cache
cf-ray: 81273facfd528fec-FRA
Content-Length: 27564

GET
H2 200 f688ee8b.hide.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1F91 285 B
263 B 46ms
46ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//f688ee8b.hide.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51f862b0c36e757c81f3d0ebdb719962835fa3c4593ec9d979fbaffdf7c4939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Saturday, 07-Oct-2023 15:41:31 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 81273facfd538fec-FRA

GET
H2 200 1c089c1d.close.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1F91 872 B
408 B 44ms
44ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//1c089c1d.close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b723ed8f1f8214896f7c4213859addf841c6f926874cb29c31dee6a8e8f9c47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Saturday, 07-Oct-2023 15:41:31 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 81273facfd548fec-FRA

GET
H2 200 3595c686.chat.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1F91 491 B
359 B 45ms
45ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//3595c686.chat.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

819fa453cc85eb531b3b618ab19e66a356d6f08ac68f13012c4440916d7eba4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Saturday, 07-Oct-2023 15:41:31 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 81273facfd568fec-FRA

GET
H2 200 119f4539.history.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1F91 642 B
393 B 79ms
79ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//119f4539.history.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b48a53089c76a3425894af1ae567f5f31d7031fd4a2758fb1dfea8d6e00b4b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Saturday, 07-Oct-2023 15:41:31 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 81273facfd578fec-FRA

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F91 16 KB
16 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.yhelper.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 339317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F91 15 KB
15 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.yhelper.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 170920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:12:51 GMT

POST
H2 200 363d7ed38585 Show response
zz.connextra.com/VulkanVegas/dcs/tagController/tagData/ 0
536 B 176ms
176ms XHR
text/plain 23.56.203.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/VulkanVegas/dcs/tagController/tagData/363d7ed38585
Requested by: Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/363d7ed38585/regstart
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.203.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-203-50.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://407vulkan-vegs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
access-control-allow-origin: https://407vulkan-vegs.com
content-type: text/plain
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 104
content-length: 20
expires: Sat, 07 Oct 2023 15:41:31 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame ED69
Redirect Chain

https://secure.adnxs.com/seg?add=17917235&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2

43 B
843 B

30ms
30ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2

Requested by

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
an-x-request-uuid: e24155a4-d1bd-4f6a-928d-c4a98862df38
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
an-x-request-uuid: 63ea84d1-b01e-40d2-a79f-7d065c1f1656
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17917235%26t%3D2
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 getuidnb
secure.adnxs.com/ Frame 5128 43 B
575 B 135ms
38ms Image
image/gif 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
an-x-request-uuid: ef646321-3659-454f-8a33-7d1b550dbdc4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame ECA6
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1

43 B
796 B

44ms
44ms

Image
image/gif

52.31.110.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Server

52.31.110.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-110-112.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-559&value=&_bee_ppp=1
Date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

AAHOlU7KQvgAABlFgnY4dw
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame 04D6
Redirect Chain

https://match.prod.bidr.io/cookie-sync/geniussports
https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAHOlU7KQvgAABlFgnY4dw

43 B
413 B

72ms
72ms

Image
image/gif

23.56.203.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAHOlU7KQvgAABlFgnY4dw
Requested by: Host: 407vulkan-vegs.com
URL: https://407vulkan-vegs.com/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639
Protocol: H2
Server: 23.56.203.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-203-50.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
content-encoding: gzip
server: istio-envoy
vary: accept-encoding
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 1
content-length: 64
expires: Sat, 07 Oct 2023 15:41:31 GMT

Redirect headers

location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAHOlU7KQvgAABlFgnY4dw
Date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-79293610-1

Requested by

Host: hntayltitrthohe.com
URL: https://hntayltitrthohe.com/m1136/check/de/register?atp=350_2491_&goto=sitereg&clickid=8993153&plid=12128&bnid=26806&po=&lang=de&cc=DE&ref=mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491&uuid=421346d08d76ffd60f6794b0d431c1e9862fb639

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1e02185a727a0f57b776e3d58a6f4009607cf31c77b07f44bd856408249e2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68982
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 15:41:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-79293610-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JHCH3SH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8df50d56b3d839964350ab3f1133830152df180e74b917006fb0f0b011a1e86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68972
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 15:41:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-79293610-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JHCH3SH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e412e8de0c9a82b6bcf965acac79a82a35a903c7060f317dfcdb9bdd1fb02208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68986
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 15:41:31 GMT

GET
H2 200 1e6304ab.article.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1F91 962 B
485 B 46ms
44ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//1e6304ab.article.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5269f7cc9511ad04db01645d3d0f546f67118c6ed4939d94b593fb887bd8913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Saturday, 07-Oct-2023 15:41:31 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 81273fafb8be8fec-FRA

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F91 15 KB
16 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.yhelper.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:37:30 GMT
x-content-type-options: nosniff
age: 216241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:37:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K7BCG2N9ZG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79293610-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ba9081a384ca86de9ef6e36429ae4537b90ae61ab7b90a8c34e49d5d7d4bf46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:41:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Oct 2023 15:41:31 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
35ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1902142828&t=pageview&_s=1&dl=https%3A%2F%2F407vulkan-vegs.com%2Fde%2Fregister%3Fatp%3D350_2491_%26goto%3Dsitereg%26clickid%3D8993153%26plid%3D12128%26bnid%3D26806%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491%26uuid%3D421346d08d76ffd60f6794b0d431c1e9862fb639&dr=https%3A%2F%2Fhntayltitrthohe.com%2F&ul=en-us&de=UTF-8&dt=Vulkan%20Vegas%20-%20Online%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=297041769&gjid=1113227601&cid=253099959.1696693290&tid=UA-79293610-1&_gid=1222563567.1696693290&_r=1&gtm=457e3a40&jsscut=1&z=360816666

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://407vulkan-vegs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79293610-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Oct 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 07 Oct 2023 15:49:42 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
30ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1902142828&t=pageview&_s=1&dl=https%3A%2F%2F407vulkan-vegs.com%2Fde%2Fregister%3Fatp%3D350_2491_%26goto%3Dsitereg%26clickid%3D8993153%26plid%3D12128%26bnid%3D26806%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491%26uuid%3D421346d08d76ffd60f6794b0d431c1e9862fb639&dr=https%3A%2F%2Fhntayltitrthohe.com%2F&ul=en-us&de=UTF-8&dt=Vulkan%20Vegas%20-%20Online%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=9160560&gjid=1998346229&cid=253099959.1696693290&tid=UA-79293610-6&_gid=1222563567.1696693290&_r=1&gtm=457e3a40&jsscut=1&z=339564698

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://407vulkan-vegs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 31ms
30ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-79293610-1&cid=253099959.1696693290&jid=297041769&gjid=1113227601&_gid=1222563567.1696693290&_u=aEDAAUABAAAAACAAI~&z=1363215621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://407vulkan-vegs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 31ms
31ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-79293610-6&cid=253099959.1696693290&jid=9160560&gjid=1998346229&_gid=1222563567.1696693290&_u=aEDAAUABAAAAACAAI~&z=900226692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://407vulkan-vegs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K7BCG2N9ZG&gtm=45je3a40&_p=1902142828&_gaz=1&cid=253099959.1696693290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696693291&sct=1&seg=0&dl=https%3A%2F%2F407vulkan-vegs.com%2Fde%2Fregister%3Fatp%3D350_2491_%26goto%3Dsitereg%26clickid%3D8993153%26plid%3D12128%26bnid%3D26806%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491%26uuid%3D421346d08d76ffd60f6794b0d431c1e9862fb639&dr=https%3A%2F%2Fhntayltitrthohe.com%2F&dt=Vulkan%20Vegas%20-%20Online%20Casino&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K7BCG2N9ZG&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 30ms
29ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K7BCG2N9ZG&cid=253099959.1696693290&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K7BCG2N9ZG&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 62ms
61ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K7BCG2N9ZG&cid=253099959.1696693290&gtm=45je3a40&aip=1&z=1030261866

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 62ms
62ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-79293610-1&cid=253099959.1696693290&jid=297041769&_u=aEDAAUABAAAAACAAI~&z=602826594

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 226ms
226ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-79293610-1&cid=253099959.1696693290&jid=297041769&_u=aEDAAUABAAAAACAAI~&z=602826594

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 62ms
62ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-79293610-6&cid=253099959.1696693290&jid=9160560&_u=aEDAAUABAAAAACAAI~&z=1588338231

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-79293610-6&cid=253099959.1696693290&jid=9160560&_u=aEDAAUABAAAAACAAI~&z=1588338231

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 32ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C5F8635B8B&gtm=45je3a40&_p=1902142828&cid=253099959.1696693290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696693290&sct=1&seg=0&dl=https%3A%2F%2F407vulkan-vegs.com%2Fde%2Fregister%3Fatp%3D350_2491_%26goto%3Dsitereg%26clickid%3D8993153%26plid%3D12128%26bnid%3D26806%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491%26uuid%3D421346d08d76ffd60f6794b0d431c1e9862fb639&dr=https%3A%2F%2Fhntayltitrthohe.com%2F&dt=Vulkan%20Vegas%20-%20Online%20Casino&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C5F8635B8B&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://407vulkan-vegs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 15:41:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://407vulkan-vegs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fortuneadvert.com/	1970-01-20 15:19:39	Name: site47 Value: 2491
tarenived.com/	1970-01-21 00:54:13	Name: _HGAU Value: 0a5fc7aa-fcab-4e0a-8902-2a7c7e20dba5
tarenived.com/	1970-01-20 16:02:51	Name: vst_cnt_17533 Value: 1
.tarenived.com/	1970-01-20 15:18:15	Name: __cf_bm Value: 2aEKbT1X5njEYLM8RfUFzMz8wFUTtZmzgnc5RaIn3e4-1696693289-0-AcOfg5fJUVurJdHZx4HGAS2jaNXf9VkxCe0IEzoEZ9RlIYnDUh1Xi02pBZdS0lovfs0Ipo6Ar6fJtX37g8nvczc=
hntayltitrthohe.com/	1970-01-21 00:54:13	Name: promouuid Value: 421346d08d76ffd60f6794b0d431c1e9862fb639
hntayltitrthohe.com/	1970-01-20 16:01:55	Name: fd427f4e58fdb94ebde5f5ed4a645a92 Value: 1
.hntayltitrthohe.com/	1970-01-20 15:18:15	Name: __cf_bm Value: P1Ijbg32Ju87wQiTzOXTbIze9y4K9nlvD8GciS44Iuo-1696693289-0-ATe7z8xd9oKNvDAGydbX2P4bGrCJuuWQ5y+GJzGvE3SbZpD8x/YdG9fiqo1FEU7FtOrAvZYH8UjM5DcPF8z6ryc=
hntayltitrthohe.com/	1969-12-31 23:59:59	Name: bl Value: 1
hntayltitrthohe.com/	1969-12-31 23:59:59	Name: bic Value: 1
hntayltitrthohe.com/	1969-12-31 23:59:59	Name: bct Value: 0
hntayltitrthohe.com/	1970-01-21 00:54:13	Name: fp Value: c653d86a842a299150bf41c699c0b1f3
.407vulkan-vegs.com/	1970-01-20 15:18:15	Name: __cf_bm Value: hV70y6p63yu8zUVHwVJZil6dSvsCGsYhwA76hTP_fSs-1696693289-0-AVnEei6JiG2ZirIOx93H86zCWVpbDiqrkuxa9j6Zj8pZaqf8oB/0ezc9sVOEwN59P616UMUQAYMHH+kvlpNPuS0=
407vulkan-vegs.com/	1970-01-20 16:01:25	Name: _regAccess Value: available
407vulkan-vegs.com/	1970-01-20 16:01:25	Name: uuid Value: 1c736d07-cbeb-4996-acb0-00c091ee3177
407vulkan-vegs.com/	1970-01-20 16:01:25	Name: refCode Value: mb_BQBgLwAAtmgAABwlAAA.2023-10.07.350_2491
407vulkan-vegs.com/	1970-01-20 16:01:25	Name: clickId Value: 8993153
407vulkan-vegs.com/	1970-01-20 16:01:25	Name: postmanUuid Value: 421346d08d76ffd60f6794b0d431c1e9862fb639
407vulkan-vegs.com/	1970-01-20 15:38:22	Name: first_entrypoint Value: L2RlL3JlZ2lzdGVyP2F0cD0zNTBfMjQ5MV8mZ290bz1zaXRlcmVnJmNsaWNraWQ9ODk5MzE1MyZwbGlkPTEyMTI4JmJuaWQ9MjY4MDYmcG89Jmxhbmc9ZGUmY2M9REUmcmVmPW1iX0JRQmdMd0FBdG1nQUFCd2xBQUEuMjAyMy0xMC4wNy4zNTBfMjQ5MSZ1dWlkPTQyMTM0NmQwOGQ3NmZmZDYwZjY3OTRiMGQ0MzFjMWU5ODYyZmI2Mzk%3D
.widget.yhelper.net/	1970-01-20 15:18:15	Name: __cf_bm Value: NS4dFkvNuUhPhCRGKu5TnhgiCPnX2PBThxmyj8Bc4A8-1696693290-0-AQZ7EGZn40tNHM9C4r3OuLmxxGoBRInJAF+J32oSqxwfHPwAxWzK6dObU4Zi2hjFoyI9e+ZP81nIRWsjIZpUeRw=
.407vulkan-vegs.com/	1970-01-20 15:19:39	Name: _gid Value: GA1.2.1222563567.1696693290
.407vulkan-vegs.com/	1970-01-20 15:18:13	Name: _gat Value: 1
.407vulkan-vegs.com/	1970-01-21 00:54:13	Name: _ga_C5F8635B8B Value: GS1.1.1696693290.1.0.1696693290.60.0.0
.407vulkan-vegs.com/	1970-01-21 00:54:13	Name: _ga_ZTGWQ6F978 Value: GS1.2.1696693290.1.0.1696693290.60.0.0
.adnxs.com/	1970-01-20 17:27:49	Name: uuid2 Value: 449609304575998046
.connextra.com/	1970-01-21 00:03:49	Name: CxtId Value: b5511200-2d3c-40b8-b3f5-0edb4cfaf4c7
.connextra.com/	1970-01-21 00:03:49	Name: VulkanVegas Value: P%7Cregstart%7C1%7C202310071641
.chat.yhelper.net/	1970-01-20 15:18:15	Name: __cf_bm Value: CkhYdEK44KbN6pkjumcqCEvhHuA.Uubc_owF4T2nI1o-1696693291-0-AQrPom2Land/BdlGfO24wF3aXxqgRcRDbTOQe5dZF26qC2blqXQ6N8u8xG8O6aiXZYHf78gmdzxKehRXHm3fiMA=
.adnxs.com/	1970-01-20 17:27:49	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?j9mdqN!@wnf-Te9(>wL5L!!'eb$sCv<
.bidr.io/	1970-01-21 00:46:46	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-21 00:46:46	Name: bito Value: AAHOlU7KQvgAABlFgnY4dw
.407vulkan-vegs.com/	1970-01-20 15:18:13	Name: _gat_gtag_UA_79293610_1 Value: 1
.407vulkan-vegs.com/	1970-01-20 15:18:13	Name: _gat_gtag_UA_79293610_6 Value: 1
.407vulkan-vegs.com/	1970-01-21 00:54:13	Name: _ga_K7BCG2N9ZG Value: GS1.1.1696693291.1.0.1696693291.60.0.0
.407vulkan-vegs.com/	1970-01-21 00:54:13	Name: _ga Value: GA1.1.253099959.1696693290

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

407vulkan-vegs.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fortuneadvert.com
hntayltitrthohe.com
match.prod.bidr.io
region1.analytics.google.com
secure.adnxs.com
segment.prod.bidr.io
stat.407vulkan-vegs.com
stats.g.doubleclick.net
tarenived.com
vulcanbetspins.com
widget.yhelper.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
zz.connextra.com
2001:4860:4802:34::36
23.56.203.50
2606:4700:3035::ac43:ca51
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9a
2a03:2880:f084:105:face:b00c:0:3
2a05:7880:42b:1242:8d63:226:6b50:c9
2a06:9ac0:260:45b8:31d5:dc67:4b3:9419
2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
2a07:180:c6:e81e:6be5:d06:144a:3079
37.252.171.53
5.45.70.170
52.214.207.18
52.31.110.112
0405fc1f27636448050c4f267b89d9d75250af8f5eb0d0720bfafc5b64090a85
08dd5a669ddce08beff7fcd7ca5bd30984f8862ac2c2811e70b1b60209a35399
0b876c8ef40544148706e6f954cb8380e3205b867da31bb0c92828eb0937655a
0dbcd6a8efab3c36c47c6f25a640afecf5b3855656ec782eb48066898575fd12
12c52c344434055538a3e655113fa40825b17138cbf5cc851c4a91e7b1c42c75
17f9bf88a9c9193b4f9affae05d1e201864a2b1ba7b594ece9a4fc9f3cd8955a
297f9e04ff98257beb491d92f13be762d671d9c4bba13bb0c9a3186fcce2de33
30d3683d95a29d788e711e51c505dfa9cf92dd9911611aa4e726cd0490d74ea0
3ba9081a384ca86de9ef6e36429ae4537b90ae61ab7b90a8c34e49d5d7d4bf46
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43087b02a479d46aa3fabd0051347e89046bfff217baf485ed5e44521a48a610
4a993559cd2a0eb2a2f6011015e41deb3915f57ff9f1552f7694c2d2617893ec
4abe80d7198db58a172115e5246cfa560491f37d3d47d9200a03a3314d1f81ea
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5bbc14942649210edb541d3bf32169492906c864b81ae703e6e63c3bbf0aad9a
70f61fc75704bbe219317ebe36e8dc5f1c66bebe36b1debd903ae62a5913f35c
72bd990665a3e23e453cbc32142e0adc634dcf9ce65098207d7697807daa6730
790fbfefda609afb7a8018b8236dfb5647cf26320186bf3c98ff1daff951ff2e
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
819fa453cc85eb531b3b618ab19e66a356d6f08ac68f13012c4440916d7eba4e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a23ec92654ba0131781169cb285a4a8a7f3af8307eba73123ef6241e41fc66b
8b6405d166e301dbfd5d92f70b3a6191a4dad87468eca7aec52c61833f859403
8df50d56b3d839964350ab3f1133830152df180e74b917006fb0f0b011a1e86d
9020843d9bd02f44485f9226e59cbdd609e7dbefe6eed4bac2d798f957043276
9adf2536482b1c1830507b94d45b5323d11d65355b46e71bb209d5320d7cbf25
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
ab11b6ad0dd164cc0478166475110870dfb9831f2bfca87219ab4baddd8f4a20
ad4a189b30945f6b988a8a6ec8772603d405e81df539c6defc7fd7bec3e4cbee
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f85d9d8a76b3c6b693ef3c66e1fa3fcdea9e1198937dd59c3a8ea76b28f46a
b48a53089c76a3425894af1ae567f5f31d7031fd4a2758fb1dfea8d6e00b4b48
b723ed8f1f8214896f7c4213859addf841c6f926874cb29c31dee6a8e8f9c47a
bb630c1508d89d1dc288ef6dbcff8c766ebee31bc252e8bb9e4e971b0a7faa3b
be5d871950b6fd68cfe263a4704e8eb554f2b107eafed57950584cfdc13ec932
c1e02185a727a0f57b776e3d58a6f4009607cf31c77b07f44bd856408249e2d9
c3f936c796328a780b1b43e97bba3b9387a6eb7157ba0f75e6325c79b9ba7775
c5269f7cc9511ad04db01645d3d0f546f67118c6ed4939d94b593fb887bd8913
cabbad9208580a474602d037cfffe9beaa88be3b9adbf3789a7b51f4e165aee9
cea644050f1a2978a6f5c44148a956d568303b6dd8f89fb71b1535e9163a0a02
d0493e4df32d506c7478c2ef58db677b836f87d373f8125142af7860d3dae1c2
d520ce7a2585e9717e66796f4156514a637a2631eec35ba9446c83298f17fbba
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e412e8de0c9a82b6bcf965acac79a82a35a903c7060f317dfcdb9bdd1fb02208
e51f862b0c36e757c81f3d0ebdb719962835fa3c4593ec9d979fbaffdf7c4939
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
e74d5592e9f8c44ac4d01ded86bef16f10dcfed58a73fbd8b0061a78706f76b9
e9141600ee7f2d21182cc1656b94d567d01f2f5e9a0c8d679ed15967c4ed6309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f9825d24a7764f6e2d4ba91718ab744a73f5fb4c879c319515d62d8f81ec9b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb25e7f2406b3abfd2a09da970aadc4b15ddaa8b89c6be7f1f61bd7b62ea7f96

407vulkan-vegs.com Open in urlscan Pro 2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

96 %HTTPS

75 %IPv6

17 Domains

21 Subdomains

16 IPs

8 Countries

2833 kBTransfer

8231 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

407vulkan-vegs.com Open in urlscan Pro
2a06:9ac0:260:45b8:31d5:dc67:4b3:9419 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

21
Subdomains

16
IPs

8
Countries

2833 kB
Transfer

8231 kB
Size

34
Cookies

79 HTTP transactions
0 data transactions