www.joocasinos2.com Open in urlscan Pro
172.64.146.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077
Effective URL:
https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e18...
Submission: On November 04 via manual (November 4th 2022, 4:52:46 am UTC) from IN — Scanned from DE

Summary HTTP 129 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 27 domains to perform 129 HTTP transactions. The main IP is 172.64.146.204, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.joocasinos2.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 5th 2022. Valid for: a year.

This is the only time www.joocasinos2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	185.83.144.222 185.83.144.222	51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS)
1 1	185.141.164.9 185.141.164.9	61317 (ASDETUK w...) (ASDETUK www.heficed.com)
1 1	176.34.200.217 176.34.200.217	16509 (AMAZON-02) (AMAZON-02)
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.18.35.11 104.18.35.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	172.64.146.204 172.64.146.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.144.106 172.64.144.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	104.18.42.221 104.18.42.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
3	157.245.25.14 157.245.25.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:9000:211... 2600:9000:211e:b400:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
6	104.17.115.131 104.17.115.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:1901:0:7... 2600:1901:0:7047::	15169 (GOOGLE) (GOOGLE)
1	108.156.60.55 108.156.60.55	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
1	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
8	23.36.162.17 23.36.162.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:223... 2600:9000:223c:6c00:b:5f76:2600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.227.225.220 35.227.225.220	15169 (GOOGLE) (GOOGLE)
1 6	23.36.162.71 23.36.162.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	108.138.7.118 108.138.7.118	16509 (AMAZON-02) (AMAZON-02)
1 2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.222.214.101 52.222.214.101	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
129	32

2 185.83.144.222 (Turkey) 1 redirects

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: static-144-222.corelux.net

quasuokbw.aeshahealyourlife.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.141.164.9 (Frankfurt am Main, Germany) 1 redirects

ASN61317 (ASDETUK www.heficed.com, GB)

www.formsnatke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.200.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-200-217.eu-west-1.compute.amazonaws.com

tracking.m4rv3l.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

joopartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.35.11 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

joocasino.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.joocasino.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 172.64.146.204 (United States)

ASN13335 (CLOUDFLARENET, US)

www.joocasinos2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.106 (United States)

ASN13335 (CLOUDFLARENET, US)

www.joocasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.42.221 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

payments-lib.cdn.s7s.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.25.14 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b400:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.115.131 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

sentry.softswiss.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.softswiss.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:7047:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

rum.browser-intake-datadoghq.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-55.ams1.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.162.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-17.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:6c00:b:5f76:2600:93a1 (United States)

ASN16509 (AMAZON-02, US)

4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com

track.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.36.162.71 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-71.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-118.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-101.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	joocasinos2.com www.joocasinos2.com	7 MB
14	livechatinc.com 1 redirects cdn.livechatinc.com — Cisco Umbrella Rank: 5513 api.livechatinc.com — Cisco Umbrella Rank: 5115 secure.livechatinc.com — Cisco Umbrella Rank: 6775 accounts.livechatinc.com — Cisco Umbrella Rank: 8148	365 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8231	3 KB
7	gstatic.com fonts.gstatic.com	135 KB
6	browser-intake-datadoghq.eu rum.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 31186
6	softswiss.net sentry.softswiss.net — Cisco Umbrella Rank: 676110 cdn2.softswiss.net — Cisco Umbrella Rank: 343158	2 KB
5	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 23299 gs-cdn.optimonk.com — Cisco Umbrella Rank: 30481 jfapiprod.optimonk.com — Cisco Umbrella Rank: 29339	53 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97 region1.google-analytics.com — Cisco Umbrella Rank: 2041	20 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	218 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 889 script.hotjar.com — Cisco Umbrella Rank: 1168 vars.hotjar.com — Cisco Umbrella Rank: 1210	69 KB
3	antillephone.com 4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com	48 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3298 onesignal.com — Cisco Umbrella Rank: 859	73 KB
3	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 6210 api.omappapi.com — Cisco Umbrella Rank: 6440	41 KB
3	joocasino.live 1 redirects joocasino.live www.joocasino.live	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	112 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 8784	55 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2098	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	143 KB
2	customer.io assets.customer.io — Cisco Umbrella Rank: 32704 track.customer.io — Cisco Umbrella Rank: 26952	3 KB
2	s7s.ai payments-lib.cdn.s7s.ai	57 KB
2	aeshahealyourlife.org 1 redirects quasuokbw.aeshahealyourlife.org	580 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	442 B
1	joocasino.com www.joocasino.com	2 KB
1	joopartners.com 1 redirects joopartners.com	670 B
1	m4rv3l.com 1 redirects tracking.m4rv3l.com	2 KB
1	formsnatke.com 1 redirects www.formsnatke.com	596 B
129	27

	Domain	Requested by
47	www.joocasinos2.com	www.joocasino.live www.joocasinos2.com
8	mc.yandex.com	2 redirects www.joocasinos2.com
8	cdn.livechatinc.com	www.joocasinos2.com secure.livechatinc.com
7	fonts.gstatic.com	fonts.googleapis.com
6	rum.browser-intake-datadoghq.eu	www.joocasinos2.com
5	sentry.softswiss.net	www.joocasinos2.com
5	fonts.googleapis.com	www.joocasinos2.com
3	www.facebook.com
3	api.livechatinc.com	cdn.livechatinc.com
3	4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com	www.joocasinos2.com
3	front.optimonk.com	www.joocasinos2.com front.optimonk.com
2	accounts.livechatinc.com	1 redirects cdn.livechatinc.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	quasuokbw.aeshahealyourlife.org connect.facebook.net
2	cdn.mouseflow.com	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.joocasinos2.com
2	mc.yandex.ru	1 redirects quasuokbw.aeshahealyourlife.org
2	www.googletagmanager.com	quasuokbw.aeshahealyourlife.org www.googletagmanager.com
2	cdn.onesignal.com	www.joocasinos2.com cdn.onesignal.com
2	a.omappapi.com	www.joocasinos2.com a.omappapi.com
2	payments-lib.cdn.s7s.ai	www.joocasinos2.com payments-lib.cdn.s7s.ai
2	www.joocasino.live	quasuokbw.aeshahealyourlife.org www.joocasino.live
2	quasuokbw.aeshahealyourlife.org	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.joocasinos2.com
1	script.hotjar.com	static.hotjar.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	static.hotjar.com	www.googletagmanager.com
1	track.customer.io
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	onesignal.com	cdn.onesignal.com
1	gs-cdn.optimonk.com	front.optimonk.com
1	api.omappapi.com	www.joocasinos2.com
1	cdn2.softswiss.net	www.joocasinos2.com
1	assets.customer.io	www.joocasinos2.com
1	www.joocasino.com
1	joocasino.live	1 redirects
1	joopartners.com	1 redirects
1	tracking.m4rv3l.com	1 redirects
1	www.formsnatke.com	1 redirects
129	40

This site contains links to these domains. Also see Links.

Domain
n1.partners
instantwithdrawals.org
99casinos.com
nzcasinohex.com
aucasinosonline.com
mr-gamble.com
onlinercasino.ca
www.playcasino.com
latestcasinobonuses.mobi
coinspaid.com
www.softswiss.com
validator.antillephone.com
n1affiliates.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-08` - `2023-02-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
s7s.ai Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-04`	a year	crt.sh
a.omappapi.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2022-05-16` - `2023-06-17`	a year	crt.sh
*.customer.io Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh
softswiss.net Cloudflare Inc ECC CA-3	`2022-07-18` - `2023-07-17`	a year	crt.sh
*.browser-intake-datadoghq.eu DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
gs-cdn.optimonk.com R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-10` - `2023-10-13`	a year	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2022-04-02` - `2023-05-04`	a year	crt.sh
api.customer.io GTS CA 1D4	`2022-09-19` - `2022-12-18`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-13` - `2022-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Frame ID: 82F9664AB45A7D737DE7A8BA2A62CE7F
Requests: 121 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=8370151&group=8&embedded=1&widget_version=3&unique_groups=1
Frame ID: 032AF3EBD6EB1EC1B1781101EC648B75
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0feefa1930c964ac6aa4db4e99e8f25f.html
Frame ID: 8EF6C28C9DCD6BADA6BCC3F13DC44892
Requests: 1 HTTP requests in this frame

Frame: https://accounts.livechatinc.com/static/postmessage.html
Frame ID: B98E10FDC5AE5BBD9303927B702D85F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JOO-Willkommenspaket: bis zu 2.000 EUR + 200 Freispiele

Page URL History Show full URLs

http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077 Page URL
http://quasuokbw.aeshahealyourlife.org/track/c3353ijDnP12719rVmz40668EIJ49106eyRd1077 HTTP 302
https://www.formsnatke.com/74MCDP6/X26Z1XS/?sub1=9&sub2=1077-3353&sub3=12719-40668-49106 HTTP 302
https://tracking.m4rv3l.com/aff_c?offer_id=405&aff_id=1140&source=3781&aff_sub=fd2e7154e1fd472fa54c15ced... HTTP 302
https://joopartners.com/a33dc6e13?clickid=1024e9172c7f895142f19b27ebc6fb&source=1140 HTTP 302
https://joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_636... HTTP 301
https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_636... Page URL
https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_636... Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

129
Requests

97 %
HTTPS

38 %
IPv6

27
Domains

40
Subdomains

32
IPs

8
Countries

8818 kB
Transfer

21112 kB
Size

37
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://n1.partners/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://instantwithdrawals.org/australia-casinos/

Search URL Search Domain Scan URL

URL: https://99casinos.com/

Search URL Search Domain Scan URL

URL: https://nzcasinohex.com/online-casinos/

Search URL Search Domain Scan URL

URL: https://aucasinosonline.com/

Search URL Search Domain Scan URL

URL: https://mr-gamble.com/en/joo-casino/

Search URL Search Domain Scan URL

URL: https://onlinercasino.ca/online-casinos/joocasino/

Search URL Search Domain Scan URL

URL: https://www.playcasino.com/casino/joo-casino

Search URL Search Domain Scan URL

URL: https://latestcasinobonuses.mobi/casino/joo-casino/

Search URL Search Domain Scan URL

URL: https://coinspaid.com/

Search URL Search Domain Scan URL

URL: https://www.softswiss.com/

Search URL Search Domain Scan URL

URL: https://validator.antillephone.com/validate?domain=www.joocasinos2.com&seal_id=a5f9fe20e68869f5f53cdba21ec1bdb36db18dad794af40f7da68f241b63e177b1ff09c46f56e98bcc3ef778179897ce&stamp=3f78a0df6e4c0fbf56a0dbf2d002c703

Search URL Search Domain Scan URL

URL: https://n1affiliates.com/
Title: Partnerprogramm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077 Page URL
http://quasuokbw.aeshahealyourlife.org/track/c3353ijDnP12719rVmz40668EIJ49106eyRd1077 HTTP 302
https://www.formsnatke.com/74MCDP6/X26Z1XS/?sub1=9&sub2=1077-3353&sub3=12719-40668-49106 HTTP 302
https://tracking.m4rv3l.com/aff_c?offer_id=405&aff_id=1140&source=3781&aff_sub=fd2e7154e1fd472fa54c15ced4d4bb0d HTTP 302
https://joopartners.com/a33dc6e13?clickid=1024e9172c7f895142f19b27ebc6fb&source=1140 HTTP 302
https://joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181 HTTP 301
https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181 Page URL
https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://quasuokbw.aeshahealyourlife.org/track/c3353ijDnP12719rVmz40668EIJ49106eyRd1077 HTTP 302
https://www.formsnatke.com/74MCDP6/X26Z1XS/?sub1=9&sub2=1077-3353&sub3=12719-40668-49106 HTTP 302
https://tracking.m4rv3l.com/aff_c?offer_id=405&aff_id=1140&source=3781&aff_sub=fd2e7154e1fd472fa54c15ced4d4bb0d HTTP 302
https://joopartners.com/a33dc6e13?clickid=1024e9172c7f895142f19b27ebc6fb&source=1140 HTTP 302
https://joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181 HTTP 301
https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181

Request Chain 93

https://cdn.mouseflow.com/projects/635eb737-3168-4c17-b1a5-f61dc54f6ca5.js HTTP 301
https://cdn.mouseflow.com/projects/635eb737-3168-4c17-b1a5-f61dc54f6ca5_eu.js

Request Chain 109

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9812.lzBeN8yDrM9_NdWoOUD9JSohE45LnXqbXNSl-3gkDOVQ36OC8Y4sVhfzi4dMfdIe.2jrzrRVlbFGvyhle6q3tLCxR2K8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9812.El2iXxbCtv_JaW1qysgOAq21BV8V2XtucKByw6DioDKsuPgJfVocqjBxb4ksxHG_gXpchV3tn0Y4Weznr8DPSQ%2C%2C.CEVe_L2fvsp0v545I9X9Sdl0n_s%2C

Request Chain 115

https://accounts.livechatinc.com/licence/g8370151_8/customer?license_id=8370151&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth HTTP 302
https://accounts.livechatinc.com/static/postmessage.html

Request Chain 118

https://mc.yandex.com/watch/51821255?wmode=7&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&page-ref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A901%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1032290009504%3Ahid%3A234123158%3Az%3A0%3Ai%3A20221104045239%3Aet%3A1667537559%3Ac%3A1%3Arn%3A814145206%3Arqn%3A1%3Au%3A1667537559585162175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C34%2C1%2C0%2C0%2C%2C130%2C0%2C2452%2C2452%2C10%2C460%3Acpf%3A1%3Ans%3A1667537556434%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667537560%3At%3AJOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/51821255/1?wmode=7&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&page-ref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A901%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1032290009504%3Ahid%3A234123158%3Az%3A0%3Ai%3A20221104045239%3Aet%3A1667537559%3Ac%3A1%3Arn%3A814145206%3Arqn%3A1%3Au%3A1667537559585162175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C34%2C1%2C0%2C0%2C%2C130%2C0%2C2452%2C2452%2C10%2C460%3Acpf%3A1%3Ans%3A1667537556434%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667537560%3At%3AJOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

129 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c3353ijDnP12719rVmz40668EIJ49106eyRd1077
quasuokbw.aeshahealyourlife.org/rd/ 243 B
360 B 139ms
52ms Document
text/html 185.83.144.222
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077
Protocol: HTTP/1.1
Server: 185.83.144.222 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: static-144-222.corelux.net
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 243
Content-Type: text/html; charset=utf-8
Date: Fri, 04 Nov 2022 04:52:35 GMT

GET
H2

200

standard-welcome-package-up-to-1-000-eur-200-fs
www.joocasino.live/landing-pages/
Redirect Chain

http://quasuokbw.aeshahealyourlife.org/track/c3353ijDnP12719rVmz40668EIJ49106eyRd1077
https://www.formsnatke.com/74MCDP6/X26Z1XS/?sub1=9&sub2=1077-3353&sub3=12719-40668-49106
https://tracking.m4rv3l.com/aff_c?offer_id=405&aff_id=1140&source=3781&aff_sub=fd2e7154e1fd472fa54c15ced4d4bb0d
https://joopartners.com/a33dc6e13?clickid=1024e9172c7f895142f19b27ebc6fb&source=1140
https://joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181
https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181

3 KB
2 KB

76ms
35ms

Document
text/html

104.18.35.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181
Requested by: Host: quasuokbw.aeshahealyourlife.org
URL: http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.11 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 764abdbeca2590b5-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 04 Nov 2022 04:52:36 GMT
etag: W/"634e5dee-dac"
last-modified: Tue, 18 Oct 2022 08:03:58 GMT
server: cloudflare
x-robots-tag: none

Redirect headers

cache-control: max-age=3600
cf-ray: 764abdbe79e390b5-FRA
date: Fri, 04 Nov 2022 04:52:36 GMT
expires: Fri, 04 Nov 2022 05:52:36 GMT
location: https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181
server: cloudflare
vary: Accept-Encoding

GET
H2 200 geoip
www.joocasino.live/ 2 B
88 B 23ms
23ms Fetch
application/octet-stream 104.18.35.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasino.live/geoip
Requested by: Host: www.joocasino.live
URL: https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.11 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

gdcc: DE
date: Fri, 04 Nov 2022 04:52:36 GMT
gdr: NI
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/octet-stream
cf-ray: 764abdbf2a6690b5-FRA
content-length: 2

GET
H2 200 favicon.png
www.joocasinos2.com/resources/images/ 2 KB
2 KB 63ms
28ms Image
image/png 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/resources/images/favicon.png?1667537556368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasino.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
last-modified: Thu, 03 Nov 2022 14:03:14 GMT
server: cloudflare
etag: "6363ca22-649"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdbf89cebb4d-FRA
content-length: 1609
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 favicon.png
www.joocasino.com/resources/images/ 2 KB
2 KB 68ms
34ms Image
image/png 172.64.144.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasino.com/resources/images/favicon.png?1667537556368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasino.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
last-modified: Thu, 03 Nov 2022 14:03:14 GMT
server: cloudflare
etag: "6363ca22-649"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdbf8fae922b-FRA
content-length: 1609
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 Primary Request standard-welcome-package-up-to-1-000-eur-200-fs Show response
www.joocasinos2.com/landing-pages/ 3 KB
1 KB 35ms
35ms Document
text/html 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Requested by: Host: www.joocasino.live
URL: https://www.joocasino.live/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85249594aaf9a7158807bbb31187e1b27fea03a4eb79cd50e9cf8a769017e8d7

Request headers

Referer: https://www.joocasino.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 764abdbfba05bb4d-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 04 Nov 2022 04:52:36 GMT
etag: W/"6363ca22-a0c"
last-modified: Thu, 03 Nov 2022 14:03:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
934 B 49ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;900&family=Rubik:wght@300;400;500;700;900&display=swap

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f2f2c7f29fb287b16f64405066f0a9938edee6a91d5690dae7be8d62f3cb805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:52:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 04:52:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 47ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:03:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 04:52:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
631 B 48ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ffb8c54467ae566df5efb670b905ca16e5e289556fa32dbc2df58ae32e8d42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:52:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 04:52:36 GMT

GET
H2 200 index.js Show response
payments-lib.cdn.s7s.ai/v1/ 642 B
627 B 57ms
25ms Script
application/javascript 104.18.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-lib.cdn.s7s.ai/v1/index.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.221 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f27772440e1088a13870476339046d464085306a299ae77bab075fda7324b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 157780
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 764abdc03ecb902e-FRA
expires: Sun, 06 Nov 2022 04:52:36 GMT

GET
H2 200 runtime.e2638ad3.js Show response
www.joocasinos2.com/js/ 310 KB
93 KB 20ms
19ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6105b3a061e881af95449e0e5d1bb9944f7442774a9fb3edf90fe8e6e50f780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:15 GMT
server: cloudflare
age: 1863
etag: W/"6363ca23-4d7d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc00aa9bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 main.aa215bf6.js Show response
www.joocasinos2.com/js/ 2 MB
555 KB 27ms
26ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a507fceafe6b62abaa2930d9fa6ddf857f26d1c9273a5f5e228beb517bd5dc99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:19 GMT
server: cloudflare
age: 1863
etag: W/"6363ca27-25c35c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc00aaabb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 2cdb2ab4.css
www.joocasinos2.com/css/ 566 KB
69 KB 17ms
17ms Stylesheet
text/css 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/css/2cdb2ab4.css
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0885821afdc8a7ada5b34dfd1ed77ca8029870f5aee205b9587752481de37264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:08 GMT
server: cloudflare
age: 1863
etag: W/"6363ca1c-8d8a4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 764abdbffa86bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 common.0fa7b6c7.js Show response
www.joocasinos2.com/js/ 1 MB
211 KB 19ms
19ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/common.0fa7b6c7.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272dcddfdd753d0c9eeb08c23fb04be7b5b28c5f3e1289eefae72f90c5e0c417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:19 GMT
server: cloudflare
age: 1863
etag: W/"6363ca27-179e63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc00aabbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 defaultVendors.0b499468.js Show response
www.joocasinos2.com/js/ 144 KB
48 KB 19ms
18ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/defaultVendors.0b499468.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97bdd935a8caa831e5f58f194e31ca58d97a547e5e6f0feb83cd79e2c109868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:18 GMT
server: cloudflare
age: 1863
etag: W/"6363ca26-23f38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc00aaebb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 app.7008f059.js Show response
www.joocasinos2.com/js/ 2 MB
168 KB 20ms
19ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/app.7008f059.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff7a13973f005a58bddb0971072ab53dd409025a8218d2b632303f7653ef2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:20 GMT
server: cloudflare
age: 1863
etag: W/"6363ca28-1f779d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc00ab0bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
734 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/css/2cdb2ab4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86af09d351c0a3be01506ecbff333a4e35474f82442f1fd632a609626e3cd6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:11:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 04:52:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
610 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/css/2cdb2ab4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

710eaf5de9e92f3e678aaa8c5789dc4fd9a7537ba964c94041f28f415f6adc7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:36:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 04:52:36 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 113 KB
37 KB 51ms
7ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: c8904e3972e2d84a7e2f4e93b99b991cddf5039156cacbaa1b900bc35b266d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 11/02/2022 17:27:09
cdn-pullzone: 293267
last-modified: Wed, 02 Nov 2022 17:26:43 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 292
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6362a853-1c308"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7f29b708a1b214f4521497ad35b06e21
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preload.js Show response
front.optimonk.com/public/173861/js/ 5 KB
2 KB 51ms
16ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/173861/js/preload.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fb4c9d8245c225f80816fe88a3ccc7d00ea195007e7ed63841082fb26adfa65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"122b-8VMnPg1LdLgqJ+D9eo7exvAPeY8"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 track.js Show response
assets.customer.io/assets/ 6 KB
2 KB 80ms
17ms Script
application/javascript 2600:9000:211e:b400:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:b400:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2a8fe9937142fec97a094bab0238491f836de170b7b26487d0161eace8f7ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:24:29 GMT
content-encoding: br
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 17:44:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 73688
etag: W/"4c5f83ddacacecc5a74e105c6940b5ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G9KEgP-YVL94Gl8cXQIZV9u01hT6F0DNqzv5xAFCiyFQoOxozcgn8Q==

POST
H2 200 / Show response
sentry.softswiss.net/api/17/envelope/ 2 B
226 B 51ms
23ms Fetch
application/json 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.softswiss.net/api/17/envelope/?sentry_key=d4f03b5656424d369ad251ea35d2fc65&sentry_version=7

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.115.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.joocasinos2.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
cf-ray: 764abdc23acf9b21-FRA
content-length: 2

GET
H2 200 project Show response
www.joocasinos2.com/api/info/ 247 B
576 B 23ms
23ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/info/project

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1c964b984656921b9905dbade6b53106a93729ed41977662f3a6882a843322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc25d83bb4d-FRA
x-runtime: 0.004294
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"8f1c964b984656921b9905dbade6b531"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc25d83bb4d-FRA

GET
H2 200 player Show response
www.joocasinos2.com/api/ 17 B
159 B 32ms
31ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/player

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72006d81d8e2e779e60db60bf0bdecfae011822b76e1f8dc688d6b27d775f2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc25d8bbb4d-FRA
x-runtime: 0.003410
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"72006d81d8e2e779e60db60bf0bdecfa"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: no-store
cf-ray: 764abdc25d8bbb4d-FRA

GET
H2 200 current_ip Show response
www.joocasinos2.com/api/ 83 B
184 B 28ms
27ms XHR
application/json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/api/current_ip
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84719adeec11448970536601cdbf51e677c23c329c700192f560d5cc3639e60

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-runtime: 0.000516
date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
cf-ray: 764abdc26d92bb4d-FRA
x-request-id: 764abdc26d92bb4d-FRA

GET
H2 200 locales Show response
www.joocasinos2.com/api/info/ 1 KB
875 B 33ms
32ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/info/locales?stag=16284_63649a933ae604677351e181&__layerref=http%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da6e407387467dd4c90789cf7e3948f67be7ecbe2b482d243f85de8fe45e386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc26d9cbb4d-FRA
x-runtime: 0.004915
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5da6e407387467dd4c90789cf7e3948f"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc26d9cbb4d-FRA

GET
H2 200 restrictions Show response
www.joocasinos2.com/api/ 230 KB
53 KB 26ms
26ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/restrictions

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

909b8eecd82f0fe5104788596b709eacec95421bf61a8265f1b0d1405de11fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc26d9ebb4d-FRA
x-runtime: 0.004452
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"909b8eecd82f0fe5104788596b709eac"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc26d9ebb4d-FRA

GET
H2 200 marks Show response
www.joocasinos2.com/api/restrictions/ 400 B
282 B 33ms
32ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/restrictions/marks

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d4139c3225b7800b97932ecb40b0716a45de527467b9dd641980ccac39f4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc26da3bb4d-FRA
x-runtime: 0.004689
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1d4139c3225b7800b97932ecb40b0716"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc26da3bb4d-FRA

GET
H2 200 settings Show response
www.joocasinos2.com/api/player/ 274 B
351 B 30ms
29ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/player/settings

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b27cb23fe25a2d8ee82715db8d05e8880c5691726cd8a9bdb2f3775a8605c700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc27dabbb4d-FRA
x-runtime: 0.003540
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"b27cb23fe25a2d8ee82715db8d05e888"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc27dabbb4d-FRA

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 48ms
17ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1152
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 764abdc2af1f9a0c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Nov 2022 04:52:36 GMT

GET
H2 200 fe386496.css
www.joocasinos2.com/css/ 494 KB
91 KB 15ms
15ms Stylesheet
text/css 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/css/fe386496.css
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e746f251d740251b643a3a53f6514ab9477c1867f45862155839633ab52d3ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:08 GMT
server: cloudflare
age: 1857
etag: W/"6363ca1c-7b831"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 764abdc27db0bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 769903eb.css
www.joocasinos2.com/css/ 156 KB
29 KB 14ms
14ms Stylesheet
text/css 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/css/769903eb.css
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ecb933a415566e1d91f0f4c0a108cd44c115d4c22597db766360c343f049e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:08 GMT
server: cloudflare
age: 1857
etag: W/"6363ca1c-26f86"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 764abdc28dbcbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:36 GMT

GET
H2 200 en.json Show response
www.joocasinos2.com/locales/ 46 KB
15 KB 18ms
18ms XHR
application/json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/locales/en.json?hash=68118c62359dbe6fffb254dbabfca097
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0caac0bb1cb7f53b6b0822400292702deeb03385bcb3639aae1f59e433419a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
last-modified: Thu, 03 Nov 2022 14:03:20 GMT
server: cloudflare
etag: W/"6363ca28-b7a8"
content-type: application/json
cf-ray: 764abdc28dc4bb4d-FRA

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 ping.png
cdn2.softswiss.net/ 926 B
1 KB 64ms
31ms Image
image/png 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.softswiss.net/ping.png?1667537556872
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11849ca516f93f71253486d07b192542bbdc550ee18e5458e76b89bcd403e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:36 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2019 06:47:11 GMT
server: cloudflare
etag: "5d14666f-39e"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 764abdc2ccd39174-FRA
content-length: 926

POST
H2 202 rum
rum.browser-intake-datadoghq.eu/api/v2/ 0
0 116ms
73ms Ping
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Ajoocasino-(princess_com)%2Cversion%3A1.0.86&dd-api-key=pube5ccec668a34c9c9865ffc4cefd0ab2f&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=29579302-197e-4fa7-9ff3-3095b9578085&batch_time=1667537557023
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 preload-base.c6df0a97.js Show response
front.optimonk.com/ 55 KB
18 KB 15ms
15ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.c6df0a97.js

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/173861/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c9e0ee7ae1c4e56f142201efaf028e1f2cf71a39fba1311d44e152c9848605f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"db33-hEiX3z4X9V/br+2qZE+OhXUj6pw"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 9ms
9ms Stylesheet
text/css 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: MISS
x-amz-request-id: 1HG1GSMWYKZMXVFF
cdn-cachedat: 11/02/2022 17:26:35
cdn-pullzone: 293267
x-amz-id-2: bP8MKR9wxPmOFHvbpbWqkX5cacMO1tj4HI32bzaDcAOM/j/b0P06NsK9i4qMdfidlvru+54Lwt4=
last-modified: Wed, 02 Nov 2022 17:26:24 GMT
server: BunnyCDN-DE-713
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"fdfc47d7f4872c3530f2516e9f42a6ed"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0e5ecc6848c9dd82f7fc4ab56aa17c43
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 401 155955 Show response
api.omappapi.com/v2/embed/ 104 B
475 B 224ms
143ms XHR
application/json 108.156.60.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/155955?d=joocasinos2.com
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-55.ams1.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 96761d41e062b92d3cf8328eb49c18a86dd6a7af96fd752ee955c9078bf493f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
x-user-agent: standard--
via: 1.1 4e56f2db762d3ef43c44c76cad53cb72.cloudfront.net (CloudFront)
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-amz-cf-pop: AMS1-P2
vary: Accept-Encoding, User-Agent
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
content-length: 104
x-amz-cf-id: WO1HoKi09iwMzgH94vTaR7iYAjYfIw47c7HfWmVPC5Ij5HK5qMhivw==

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 161ms
15ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 90805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:39:12 GMT

GET
H2 200 icomoon.0ec56002..ttf
www.joocasinos2.com/fonts/ 22 KB
22 KB 14ms
13ms Font
application/octet-stream 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/fonts/icomoon.0ec56002..ttf
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/css/2cdb2ab4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727305f298e0181826720125a4d5dfcb7ba203b1ec2f3b5ade8849de7fd4e8da

Request headers

Referer: https://www.joocasinos2.com/css/2cdb2ab4.css
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:08 GMT
server: cloudflare
age: 505
etag: "6363ca1c-5730"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdc43f32bb4d-FRA
content-length: 22320
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 153ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 302865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 158ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 16:40:56 GMT
x-content-type-options: nosniff
age: 130301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:40:56 GMT

GET
H2 200 collections Show response
www.joocasinos2.com/api/games/ 3 KB
1 KB 22ms
22ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/games/collections?device=desktop

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56739b656d4d73286dfd9e28a79b14e4986094c6f35b5ee765940cb1911d2cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc46f4fbb4d-FRA
x-runtime: 0.003008
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"56739b656d4d73286dfd9e28a79b14e4"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc46f4fbb4d-FRA

GET
H2 200 providers Show response
www.joocasinos2.com/api/games/ 4 KB
1 KB 38ms
37ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/games/providers?device=desktop

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

079fc7379f4694d8d44630039ae5d4148acebe8ef61b82748bf70c76b6024bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc46f56bb4d-FRA
x-runtime: 0.004021
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"079fc7379f4694d8d44630039ae5d414"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc46f56bb4d-FRA

GET
H2 200 player_fields Show response
www.joocasinos2.com/api/info/ 8 KB
1 KB 27ms
27ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/info/player_fields

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de7631275f425df38038e0dda0ccd175cfc7dbfaf74dcf115a43b7e76eb8b323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc47f65bb4d-FRA
x-runtime: 0.007637
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"de7631275f425df38038e0dda0ccd175"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc47f65bb4d-FRA

GET
H2 200 allowed_desktop Show response
www.joocasinos2.com/api/games/ 4 MB
1 MB 29ms
28ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/games/allowed_desktop

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccbfcebf570b5d1f7b2eee143293bf8d5153d79ad8523f729c7906d5ac1de947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc47f66bb4d-FRA
x-runtime: 0.007474
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ccbfcebf570b5d1f7b2eee143293bf8d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc47f66bb4d-FRA

GET
H2 200 currencies Show response
www.joocasinos2.com/api/info/ 3 KB
599 B 36ms
36ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/info/currencies

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e807854bdeb5ab195abd56559c6f3e8a5712b433f15a84fc25856686ee5532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc48f78bb4d-FRA
x-runtime: 0.003064
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"18e807854bdeb5ab195abd56559c6f3e"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc48f78bb4d-FRA

GET
H2 200 ls-sticker-wheel.png
www.joocasinos2.com/images/lucky-spin/ 14 KB
14 KB 16ms
15ms Image
image/png 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/lucky-spin/ls-sticker-wheel.png
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ededff02718be09a59e2914ca23d1ebd61ccd84848e14c137efb080714423ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:13 GMT
server: cloudflare
age: 4740
etag: "6363ca21-366c"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdc49f89bb4d-FRA
content-length: 13932
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 1fcc4700.css
www.joocasinos2.com/css/ 2 KB
682 B 27ms
26ms Stylesheet
text/css 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/css/1fcc4700.css
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5a9862297aade5bb5f17b23bb5d69ffc7a4d2e9e2ee9f012058b9847856bf2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:08 GMT
server: cloudflare
etag: W/"6363ca1c-6b2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 764abdc49f8bbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 pages_error.94d92ee5.js Show response
www.joocasinos2.com/js/ 1 KB
638 B 28ms
27ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/pages_error.94d92ee5.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89790c70b7e27999279ce1fe87048f0c27b03231531214e03671eac5e0aee58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:15 GMT
server: cloudflare
etag: W/"6363ca23-426"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc4af8fbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 650855d4.css
www.joocasinos2.com/css/ 6 KB
2 KB 16ms
16ms Stylesheet
text/css 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/css/650855d4.css
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f707d25ffacc091a4e503e2f589aba90ac0569d539c5204aa445a7ace896295d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:08 GMT
server: cloudflare
age: 1855
etag: W/"6363ca1c-1953"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 764abdc4af91bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 pages_games.4f736f17.js Show response
www.joocasinos2.com/js/ 8 KB
3 KB 17ms
17ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/pages_games.4f736f17.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91b446334115a2e5d06dd0b5f0b0382c3943a76a69de89d91cae7f4cc967a045

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:16 GMT
server: cloudflare
age: 1855
etag: W/"6363ca24-1f2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc4af97bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 0fd5b9cc.css
www.joocasinos2.com/css/ 12 KB
3 KB 22ms
20ms Stylesheet
text/css 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/css/0fd5b9cc.css
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d4a08e36012c4023795840f8e7229d2463514283d829af0232fdd09f3af4fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:08 GMT
server: cloudflare
age: 1855
etag: W/"6363ca1c-2f11"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 764abdc4af9cbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 pages_.3aede9fb.js Show response
www.joocasinos2.com/js/ 164 KB
28 KB 15ms
15ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/pages_.3aede9fb.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf92e3ce0c1e541c476b6219fc55ba9ddc19f4b96d98906147e871b5d1f77fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:15 GMT
server: cloudflare
age: 1855
etag: W/"6363ca23-28eec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc4afa1bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 de.json Show response
www.joocasinos2.com/locales/ 34 KB
11 KB 19ms
19ms XHR
application/json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/locales/de.json?hash=d90eb28a3f70ef1a1aea75e656ef8157
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08022c77620e37c5dafd37b485dcaca376962c6911cde6e178ca64f8ff6fd1fd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
last-modified: Thu, 03 Nov 2022 14:03:20 GMT
server: cloudflare
etag: W/"6363ca28-8710"
content-type: application/json
cf-ray: 764abdc5382dbb4d-FRA

GET
H2 200 cms-pages_de-landing-pages-standard-welcome-package-up-to-1-000-eur-200-fs.7d2887e6.js Show response
www.joocasinos2.com/js/ 11 KB
2 KB 30ms
29ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/cms-pages_de-landing-pages-standard-welcome-package-up-to-1-000-eur-200-fs.7d2887e6.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddc5c262549048a80cc3d9fcaa3175b54de291e34e299ca2616865bca892d7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:15 GMT
server: cloudflare
etag: W/"6363ca23-2a98"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc53835bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ 33 KB
33 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;900&family=Rubik:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 21:17:16 GMT
x-content-type-options: nosniff
age: 286521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33580
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 21:17:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:01:13 GMT
x-content-type-options: nosniff
age: 60684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 12:01:13 GMT

GET
H2 200 cms-pages_en-landing-pages-standard-welcome-package-up-to-1-000-eur-200-fs.96cd45cb.js Show response
www.joocasinos2.com/js/ 11 KB
2 KB 32ms
32ms Script
application/javascript 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joocasinos2.com/js/cms-pages_en-landing-pages-standard-welcome-package-up-to-1-000-eur-200-fs.96cd45cb.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/runtime.e2638ad3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6721864f43c54b191639f0da7e42f70ea647048ffe4d78d6eca79e8927ac6c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
last-modified: Thu, 03 Nov 2022 14:03:19 GMT
server: cloudflare
etag: W/"6363ca27-2a79"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 764abdc5988cbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:37 GMT

POST
H2 200 / Show response
sentry.softswiss.net/api/17/envelope/ 2 B
118 B 24ms
23ms Fetch
application/json 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.softswiss.net/api/17/envelope/?sentry_key=d4f03b5656424d369ad251ea35d2fc65&sentry_version=7

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.115.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.joocasinos2.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
cf-ray: 764abdc59fd89b21-FRA
content-length: 2

POST
H2 200 / Show response
sentry.softswiss.net/api/17/envelope/ 2 B
57 B 23ms
22ms Fetch
application/json 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.softswiss.net/api/17/envelope/?sentry_key=d4f03b5656424d369ad251ea35d2fc65&sentry_version=7

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.115.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.joocasinos2.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
cf-ray: 764abdc5afdd9b21-FRA
content-length: 2

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 31ms
21ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1152
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 764abdc66ff39b69-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Nov 2022 04:52:37 GMT

POST
H3 202 rum
rum.browser-intake-datadoghq.eu/api/v2/ 0
0 76ms
65ms Ping
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Ajoocasino-(princess_com)%2Cversion%3A1.0.86&dd-api-key=pube5ccec668a34c9c9865ffc4cefd0ab2f&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=1a696e32-b1f1-4bea-8158-b826cb7f6f6e&batch_time=1667537557497
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 95 KB
32 KB 82ms
10ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.c6df0a97.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: br
cdn-edgestorageid: 832
age: 3
x-guploader-uploadid: ADPycdtkHXusJsz_l_0RFn0nSbV4uZUl5UAlVeFuzkif7PDEezq_jj_509nzkB11J0HVVksBwhRG1ITkOxbgfHPHXZqGcD0Z3PR1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/30/2022 02:40:12
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
last-modified: Thu, 23 Jun 2022 11:01:56 GMT
server: BunnyCDN-DE-832
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"0d51daede184576e937e1d8135d6e64d"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1655982116491970
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=KnNijw==, md5=DVHa7eGEV26Tfh2BNdbmTQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 97067
cdn-cache: HIT
cdn-requestid: cc694db03cbceeb875f9da39b2b03fb2
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 load Show response
front.optimonk.com/public/173861/js/ 0
347 B 29ms
14ms XHR
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/173861/js/load

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 200 recommended_sortings Show response
www.joocasinos2.com/api/games/ 2 B
301 B 52ms
51ms XHR
application/vnd.softswiss.v1+json 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joocasinos2.com/api/games/recommended_sortings?currency=FUN

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.softswiss.v1+json
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 764abdc6fa22bb4d-FRA
x-runtime: 0.031638
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"44136fa355b3678a1146ad16f7e8649e"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/vnd.softswiss.v1+json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 764abdc6fa22bb4d-FRA

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;900&family=Rubik:wght@300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 218788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:06:09 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joocasinos2.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 60777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 11:59:40 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/ff4de79a-d31e-4122-8f86-9a5f286e5236/ 5 KB
2 KB 28ms
16ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/ff4de79a-d31e-4122-8f86-9a5f286e5236/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4704753282ed83afb0f2d50ee4f58590fcd491f7f1e0a4f676410d9b3cdc4595

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2456
cf-polished: origSize=5161
status: 200 OK
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 246cce37-fef1-4603-aa72-a61a182f0480
x-runtime: 0.031124
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"205ebad085122ea2fe9cad51e12ca866"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 764abdc7ad359a0c-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 04 Nov 2022 05:52:37 GMT

GET
H2 200 jackpot-game-tag.17ead5f6..svg
www.joocasinos2.com/images/ 724 B
553 B 17ms
16ms Image
image/svg+xml 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/jackpot-game-tag.17ead5f6..svg
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/css/fe386496.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701a8084c52ba8d9429d83bdcfd18a015cbf278c4b54385be5705f2a3dc17d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/css/fe386496.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:10 GMT
server: cloudflare
age: 2318
etag: W/"6363ca1e-2d4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 764abdcd686cbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
DATA 200
OK truncated
/ 321 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a5136e4ce5619d954ea4b89c17978a66bb07e825c6f74d4ee1f2dd411c2131c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 162ms
140ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 04:52:38 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

POST
H3 202 rum
rum.browser-intake-datadoghq.eu/api/v2/ 0
0 19ms
18ms Ping
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Ajoocasino-(princess_com)%2Cversion%3A1.0.86&dd-api-key=pube5ccec668a34c9c9865ffc4cefd0ab2f&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=43f16b6e-4e3c-4d97-9b30-6437b3f3feef&batch_time=1667537558884
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
68 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55RTWWR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: quasuokbw.aeshahealyourlife.org
URL: http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1134f572c0d1d985517d740e8ae6d2008f9c424c56837d555464df1a11025a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68943
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 04:52:38 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 84 KB
26 KB 39ms
8ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c18fa9cc0e6c0d2e52ea2c16385e1de3bef15822ffe047ba280c4c4ad96a5058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: J0ZctSlvHtSRiIvfxqT23ytGFYmKTZjx
content-encoding: br
date: Fri, 04 Nov 2022 04:52:38 GMT
last-modified: Mon, 24 Oct 2022 08:58:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"481c490ab1b0f3f7814823d600c180a0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: O9F0Q5_Qje5TlnhZJhHZ3_fo7S9TTRYNOth8BPQMEGI0E3PC2gKEoQ==
content-length: 25733
expires: Fri, 04 Nov 2022 12:52:38 GMT

GET
H2 200 lazy.js Show response
payments-lib.cdn.s7s.ai/v1/ 215 KB
57 KB 22ms
21ms Script
application/javascript 104.18.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-lib.cdn.s7s.ai/v1/lazy.js
Requested by: Host: payments-lib.cdn.s7s.ai
URL: https://payments-lib.cdn.s7s.ai/v1/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.221 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55e4e04ddcd872bf3755f30de95f3d4996a7a1fc1579f7b91bc76cce93baba00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 157763
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 764abdcf1bfd902e-FRA
expires: Sun, 06 Nov 2022 04:52:38 GMT

GET
H2 200 apg-seal.js Show response
4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com/ 3 KB
2 KB 127ms
73ms Script
text/javascript 2600:9000:223c:6c00:b:5f76:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com/apg-seal.js

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6c00:b:5f76:2600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b0cd51fcbe153ede82381a02014f66d8d2d0fd5d4e3126cf5b8e20290250ab8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
etag: W/"c8d-exLD1natDy3m8Tlk6Yiw7Ak3GL8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 764abdcf89c191ed-FRA
x-amz-cf-id: 7qzqyl5Tqlp4paHdcqovn6Hlmef7qS-G3Y2K1iWQggthi8v3QTUHGQ==

GET
H2 200 1.1_1920-7.png
www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEtnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--42dd49c93f1b1148c520d4159c3f855562f8593b/ 2 MB
2 MB 151ms
149ms Image
image/png 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEtnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--42dd49c93f1b1148c520d4159c3f855562f8593b/1.1_1920-7.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b4a10e6ff75662247af1ad3eeee8d995115917f9a43a221eab8e328a58fab6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: 1724248D0FA55DD2
content-disposition: inline; filename="1.1_1920-7.png"; filename*=UTF-8''1.1_1920-7.png
content-length: 2122423
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 15:38:07 GMT
server: cloudflare
etag: "45f640112da5cd4e072b7678b668b846"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdcf3a8abb4d-FRA
expires: Fri, 04 Nov 2022 08:52:39 GMT

GET
H2 200 2.2_1248-7.png
www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdHFnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0a4aaa12e819757133d3acc0f774ad4c1d863d07/ 1 MB
1 MB 98ms
95ms Image
image/png 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdHFnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0a4aaa12e819757133d3acc0f774ad4c1d863d07/2.2_1248-7.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc1dad58e6bec791b843be1ab166dba1ae38495fcce9d82dcc25b77d4595474

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: 1724248D0E90B8BB
content-disposition: inline; filename="2.2_1248-7.png"; filename*=UTF-8''2.2_1248-7.png
content-length: 1442729
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 15:38:13 GMT
server: cloudflare
etag: "cc15e48120dfc990df4a6fc081163452"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdcf3a8dbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
H2 200 3.3_768-7.png
www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdCtnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--f4f11351d52fc7c64d6b84480602c1602937ddf2/ 793 KB
794 KB 219ms
217ms Image
image/png 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdCtnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--f4f11351d52fc7c64d6b84480602c1602937ddf2/3.3_768-7.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e8f3c7e7e17c973a83acb5a27f1b5426c947105cb221b021a20b73cf069cc99

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: 172448932E3DAD27
content-disposition: inline; filename="3.3_768-7.png"; filename*=UTF-8''3.3_768-7.png
content-length: 811771
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 15:38:21 GMT
server: cloudflare
etag: "a332f5361ebfba7b3ea7a67f3848c904"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdcf3a8fbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:39 GMT

GET
H2 200 4.4_320-7.png
www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdVdnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0a7cc34dca25da0fb86a14cd1df3d24e4e465605/ 301 KB
301 KB 152ms
150ms Image
image/png 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdVdnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0a7cc34dca25da0fb86a14cd1df3d24e4e465605/4.4_320-7.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d6cebc51593fc28f880332d862320be0535654a9cba447a6ff05046d1671fb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: 1724248D1CDE85D4
content-disposition: inline; filename="4.4_320-7.png"; filename*=UTF-8''4.4_320-7.png
content-length: 308099
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 15:38:28 GMT
server: cloudflare
etag: "413364db46b174cee9277f481e0d9a93"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdcf3a92bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:39 GMT

GET
H2 200 logo--horizontal.afbb53ec..svg
www.joocasinos2.com/images/ 11 KB
5 KB 24ms
22ms Image
image/svg+xml 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/logo--horizontal.afbb53ec..svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b181cbe191e567bafea6cd601bf74c4d8fcb92c92f1b8239397b2346cb5d3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:11 GMT
server: cloudflare
etag: W/"6363ca1f-2cb6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 764abdcf3a94bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
H2 200 keep-calm-cash.c58c843b..svg
www.joocasinos2.com/images/ 4 KB
1 KB 29ms
27ms Image
image/svg+xml 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/keep-calm-cash.c58c843b..svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4687404ff6dc29d0f95acc9cf20f2023a6f8c4a6fc0e76aa239850b4ef86d991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:10 GMT
server: cloudflare
etag: W/"6363ca1e-111f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 764abdcf3a96bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
H2 200 keep-calm-history.5f07c069..svg
www.joocasinos2.com/images/ 3 KB
859 B 29ms
28ms Image
image/svg+xml 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/keep-calm-history.5f07c069..svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93967d165e5eec38cc43df0c486ae0f4e89af2c9e8a674e7c8c3c2a20d98ec4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:11 GMT
server: cloudflare
etag: W/"6363ca1f-bca"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 764abdcf3a98bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
H2 200 keep-calm-deposits.905f477b..svg
www.joocasinos2.com/images/ 4 KB
1 KB 32ms
31ms Image
image/svg+xml 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/keep-calm-deposits.905f477b..svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a86b50faf5d959344444e64c626bdf8ded70acb431b44519105ba4cecc2d3a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:09 GMT
server: cloudflare
etag: W/"6363ca1d-e26"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 764abdcf3a9abb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
H2 200 keep-calm-privacy.7b41b1a1..svg
www.joocasinos2.com/images/ 5 KB
1 KB 28ms
26ms Image
image/svg+xml 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/keep-calm-privacy.7b41b1a1..svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93378c79bf3938bf62116cbda4038e79ce4aa5ec56c906192f7b5d141cdf1c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Nov 2022 14:03:10 GMT
server: cloudflare
etag: W/"6363ca1e-148c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 764abdcf3a9bbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
H2 200 promo-land-1.png
www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBczZnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--87aded081422af533fe0dbdb89c0f9a2b4995e11/ 473 KB
473 KB 207ms
206ms Image
image/png 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.joocasinos2.com/cms/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBczZnIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--87aded081422af533fe0dbdb89c0f9a2b4995e11/promo-land-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503b72121bef0bcd9f5d7022c04ad0159cb04490f6f88908137be8a747dba0bb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: 172448932DF8F78C
content-disposition: inline; filename="promo-land-1.png"; filename*=UTF-8''promo-land-1.png
content-length: 483902
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 15:37:39 GMT
server: cloudflare
etag: "8e530c54f92bbb720b799b85a8b32e55"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 764abdcf3a9cbb4d-FRA
expires: Fri, 04 Nov 2022 08:52:39 GMT

GET
H2 200 cookie.svg
www.joocasinos2.com/images/ 2 KB
896 B 22ms
22ms Image
image/svg+xml 172.64.146.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.joocasinos2.com/images/cookie.svg?hash=c14d512633aca47353519cde2fe95c00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 918167527bdb7c3a2cf06631f02c20d9505625b20e77ec453804c842cc196f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/de/landing-pages/standard-welcome-package-up-to-1-000-eur-200-fs?stag=16284_63649a933ae604677351e181&__layerref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:38 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 14:03:11 GMT
server: cloudflare
age: 2330
etag: W/"6363ca1f-7a5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 764abdcf3aa0bb4d-FRA
expires: Fri, 04 Nov 2022 08:52:38 GMT

GET
H2 200 page.gif
track.customer.io/events/ 35 B
242 B 197ms
150ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.joocasinos2.com%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&data%5Bstag%5D=16284_63649a933ae604677351e181&data%5B__layerref%5D=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&data%5Breferrer%5D=https%3A%2F%2Fwww.joocasino.live%2F&c=&s=7c1ce9ff-c6b5-0e11-c71b-c18e04ddd973&site_id=8beb5381153d81e55787&timestamp=1667537558956
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 663 B
877 B 206ms
146ms Script
application/javascript 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=8370151&url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&group_id=0&channel_type=code&jsonp=__74xnxu2s7dw

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-71.deploy.static.akamaitechnologies.com

Software

Resource Hash

485ba278c0b09ed8f37734dc11a180196c5456688b929f83f18b77c3630cc48f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.joocasinos2.com/;
X-Frame-Options	allow-from https://www.joocasinos2.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.joocasinos2.com/;
legacy: 2023-06-30
date: Fri, 04 Nov 2022 04:52:39 GMT
content-length: 663
vary: Accept-Encoding
x-frame-options: allow-from https://www.joocasinos2.com/
content-type: application/javascript; charset=UTF-8

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 225ms
106ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: quasuokbw.aeshahealyourlife.org
URL: http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ebe500e8da630b873b03057441fdf2185dbbcdeadf52a8720937ba1e67f21d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11ef4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73460
expires: Fri, 04 Nov 2022 05:52:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 285ms
7ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55RTWWR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 03:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5270
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 05:24:49 GMT

GET
H2 200 hotjar-1296269.js Show response
static.hotjar.com/c/ 4 KB
3 KB 279ms
9ms Script
application/javascript 108.138.7.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1296269.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55RTWWR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-118.fra56.r.cloudfront.net

Software

Resource Hash

5df6b26e5a00ed5c3a5d2a9aff8fffec3e0d8a413b425510d58c3daa0b44dd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 37
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/615c61fe51460bdb8217a8fda4677cf9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: dTVFF8xCvkZIYWTMpUvWxPZv_xytjx2x_u-eRvDfFyrzqYySj8Cs-g==

GET
H2

200

635eb737-3168-4c17-b1a5-f61dc54f6ca5_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/635eb737-3168-4c17-b1a5-f61dc54f6ca5.js
https://cdn.mouseflow.com/projects/635eb737-3168-4c17-b1a5-f61dc54f6ca5_eu.js

188 KB
54 KB

17ms
15ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/635eb737-3168-4c17-b1a5-f61dc54f6ca5_eu.js
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 1d474997a373e4aa65e7304d0ce4a1232e255b3761282fb9bb4addee33ba01be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 07:02:34 GMT
server
etag: "b13fbb3f52efd81:0"
x-hw: 1667537559.cds009.fr8.hn,1667537559.cds098.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 55597

Redirect headers

date: Fri, 04 Nov 2022 04:52:39 GMT
x-hw: 1667537559.cds009.fr8.hn,1667537559.cds103.fr8.c
location: https://cdn.mouseflow.com/projects/635eb737-3168-4c17-b1a5-f61dc54f6ca5_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/635eb737-3168-4c17-b1a5-f61dc54f6ca5.js
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 256ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: quasuokbw.aeshahealyourlife.org
URL: http://quasuokbw.aeshahealyourlife.org/rd/c3353ijDnP12719rVmz40668EIJ49106eyRd1077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 04:52:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xYo4GOPGg4+hSZV55nE+4AoA/CEtnsVmLy49pB/LIyd7koHX+SFoiBfGH34G/hWZ8M3WtaQU6I/1jOyk+17v8w==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 83ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7YMY879NC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55RTWWR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52833961d49341a3c469ee39ce7a4062ea8de0555165ff53777c878ab523b38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 04:52:39 GMT

GET
H2 200 3f78a0df6e4c0fbf56a0dbf2d002c703-www.joocasinos2.com-a5f9fe20e68869f5f53cdba21ec1bdb36db18dad794af40f7da68f241b63e177b1ff09c46f56e98bcc3ef778179897ce-c2VhbC5wbmc%3D
4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com/sealassets/ 45 KB
46 KB 82ms
81ms Image
image/png 2600:9000:223c:6c00:b:5f76:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com/sealassets/3f78a0df6e4c0fbf56a0dbf2d002c703-www.joocasinos2.com-a5f9fe20e68869f5f53cdba21ec1bdb36db18dad794af40f7da68f241b63e177b1ff09c46f56e98bcc3ef778179897ce-c2VhbC5wbmc%3D?status=valid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6c00:b:5f76:2600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 764abdcff8e29259-FRA
content-length: 46382
x-amz-cf-id: Du_Ofzr0eManUEZWivDHzisDU13L4hOr-bvVHpih3wIU3R1vxXFTTw==

GET
H2 200 54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com/ 68 B
439 B 12ms
12ms Image
image/png 2600:9000:223c:6c00:b:5f76:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6c00:b:5f76:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 01:34:27 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 703093
etag: "e679fbd466a2d656f194a5da4fa083cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 68
x-amz-cf-id: xqE0D3vWCdtuEjAoJXzk6Tw7M0ccGVhj7oC68tmBpIw2tVezkuZ-jA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 52ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H7YMY879NC&gtm=2oeb20&_p=1233494487&cid=32094207.1667537559&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667537559&sct=1&seg=0&dl=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&dr=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&dt=JOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H7YMY879NC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.joocasinos2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 202 rum
rum.browser-intake-datadoghq.eu/api/v2/ 0
0 51ms
51ms Ping
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Ajoocasino-(princess_com)%2Cversion%3A1.0.86&dd-api-key=pube5ccec668a34c9c9865ffc4cefd0ab2f&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=5ee8f1a0-3399-4f45-a609-7e6d75cd198d&batch_time=1667537559164
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 3 KB
1 KB 12ms
12ms Script
application/javascript 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=8370151&version=128672.74.74.25880.1890.1230.419.84.6.212.6.12.186&group_id=8&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9afe81999294e4c26cb5c9e4933f79e0c98bdf33e09c39d01fc569a8ae361a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=209
content-length: 1215
expires: Fri, 04 Nov 2022 04:56:08 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 032A 9 KB
3 KB 33ms
13ms Document
text/html 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8370151&group=8&embedded=1&widget_version=3&unique_groups=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6101017761d7515e619c6addb716813f42ea211f00e42412baf5109c08363d92

Request headers

Referer: https://www.joocasinos2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 2521
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 04:52:39 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 12ms
12ms Script
application/javascript 23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=8370151&version=ff93808ef52c6dd040640c4853b854bd_ff05a5e0d4e54b0f54572679f1199093&language=en&group_id=8&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0466d8aaa2d7cf4a6270a1099bcd87b1f888ec3b2cc3602b082806497c7774ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=221
content-length: 3783
expires: Fri, 04 Nov 2022 04:56:20 GMT

GET
H2 200 0.4d56395b.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 032A 209 KB
65 KB 8ms
6ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.4d56395b.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8370151&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 73d016ea85b0377e240929bbdfa16d1c3d8e7ff94c6031dbfe579dbb85f38ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: tq91OZijntwXH6b7cNfirpgbKxyYVUFN
content-encoding: br
date: Fri, 04 Nov 2022 04:52:39 GMT
last-modified: Tue, 18 Oct 2022 07:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"7bcdf419e0a90597730304e2a52ed344"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: xHjTds49pEKrm897--HDDQzAevDhQGHd7-jGmUxI5ZTxtDgKDWhgEA==
content-length: 66456
expires: Sat, 04 Nov 2023 04:52:39 GMT

GET
H2 200 2.27cbefe6.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 032A 328 KB
93 KB 16ms
14ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/2.27cbefe6.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8370151&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7798de03b6c1c413f02a217706c2d2184eef3b65b5ee5a4acc580199c8194e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: Qo4mVXFltx_zOJWdAznTaT3JhpQG6vcO
content-encoding: br
date: Fri, 04 Nov 2022 04:52:39 GMT
last-modified: Mon, 24 Oct 2022 08:58:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"80d8ab58cabf877bba13f0ed817ca18f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: A1RF_PkxOqFLMXQ7u-FlAr1-a1H01F_DXlAkwfmP3o4J_3LYfJrW1A==
content-length: 94380
expires: Sat, 04 Nov 2023 04:52:39 GMT

GET
H2 200 iframe.65100864.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 032A 452 KB
120 KB 16ms
14ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.65100864.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8370151&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 287904e72a59305352cb47c95e7134387305873bb84adc377fbb0955df817466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: lk64lf.AOVLolW5wWeqmJEb9Ln7YdV4V
content-encoding: br
date: Fri, 04 Nov 2022 04:52:39 GMT
last-modified: Mon, 24 Oct 2022 08:58:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"a75b934efeb773e593ffbba72c3be682"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: mcKOt8Zs2lFWcXOyFlF8eJ9spXCv-pFeghx14_5fSjlA_XaVu1KDOw==
content-length: 122073
expires: Sat, 04 Nov 2023 04:52:39 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame 032A 13 KB
13 KB 28ms
10ms Font
application/octet-stream 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8370151&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Fri, 04 Nov 2022 04:52:39 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: Vpwr56nO4a-mfdsjRQA3N1lOhiIsn5JZ-5L583VMoCdQwKrMU4sJQA==
expires: Sat, 04 Nov 2023 04:52:39 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame 032A 12 KB
13 KB 28ms
11ms Font
application/octet-stream 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8370151&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Fri, 04 Nov 2022 04:52:39 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: fxiNcFvoxT9I8hmwwa_kah8ZOqqGoxi-TbPFUgTBhyXFm24mgEC-oQ==
expires: Sat, 04 Nov 2023 04:52:39 GMT

GET
H3 200 436588700242637 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 248ms
236ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/436588700242637?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c07f480f3dbaf364d648c2639124066093afde6ff8e16cdc8471fba2d7516541

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 04:52:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: U9a2slLUyp19GPFBhAN3keO3vxZZJ2x3YtH9q20qcI/wUVpg/701kNWExhQwEmeWZEWiEQjp18YcHXmEZTh2Yg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9812.lzBeN8yDrM9_NdWoOUD9JSohE45LnXqbXNSl-3gkDOVQ36OC8Y4sVhfzi4dMfdIe.2jrzrRVlbFGvyhle6q3tLCxR2K8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9812.El2iXxbCtv_JaW1qysgOAq21BV8V2XtucKByw6DioDKsuPgJfVocqjBxb4ksxHG_gXpchV3tn0Y4Weznr8DPSQ%2C%2C.CEVe_L2fvsp0v545I9X9Sdl0n_s%2C

75 B
75 B

56ms
55ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9812.El2iXxbCtv_JaW1qysgOAq21BV8V2XtucKByw6DioDKsuPgJfVocqjBxb4ksxHG_gXpchV3tn0Y4Weznr8DPSQ%2C%2C.CEVe_L2fvsp0v545I9X9Sdl0n_s%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9812.El2iXxbCtv_JaW1qysgOAq21BV8V2XtucKByw6DioDKsuPgJfVocqjBxb4ksxHG_gXpchV3tn0Y4Weznr8DPSQ%2C%2C.CEVe_L2fvsp0v545I9X9Sdl0n_s%2C
date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 modules.fb31143041749935774c.js Show response
script.hotjar.com/ 254 KB
65 KB 39ms
7ms Script
application/javascript 52.222.214.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fb31143041749935774c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1296269.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-101.fra56.r.cloudfront.net

Software

Resource Hash

2c31f8bb314c9d47e89662daac66d55d23a2db294da120978e1d33438b992b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 71973
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66231
last-modified: Thu, 03 Nov 2022 08:52:17 GMT
etag: "824d1340a30234e6909a3b6170eb8f07"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gje96MOxZsIKGR0j4zIxDUhOOWg5JLEV8WOve-LXGh24718xPxb1ng==

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 55ms
53ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 05:52:39 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 34ms
14ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1233494487&t=pageview&_s=1&dl=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&dr=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&ul=en-us&de=UTF-8&dt=JOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=262484226&gjid=1841264180&cid=32094207.1667537559&tid=UA-125317781-1&_gid=2019585374.1667537559&_r=1&gtm=2wgb2055RTWWR&z=2121592233

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.joocasinos2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-125317781-1&cid=32094207.1667537559&jid=262484226&gjid=1841264180&_gid=2019585374.1667537559&_u=YADAAEAAAAAAACAAI~&z=1830807837

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 04 Nov 2022 04:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.joocasinos2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-0feefa1930c964ac6aa4db4e99e8f25f.html Show response
vars.hotjar.com/ Frame 8EF6 2 KB
1 KB 34ms
7ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0feefa1930c964ac6aa4db4e99e8f25f.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1296269.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

d45014fa88918c35f5c3401458f0a26c0f45fe6132fc31a227b186ebe55d5d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.joocasinos2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 132693
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 16:01:06 GMT
etag: "7860f2201e5523a8914b582db81455db"
last-modified: Wed, 02 Nov 2022 16:00:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-cf-id: yhAbfQrjE2CRJKTyvfmZFUG0kOivo0lLcdVMz1c3Ch4gwJdiD5k7Lw==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2

200

postmessage.html Show response
accounts.livechatinc.com/static/ Frame B98E
Redirect Chain

https://accounts.livechatinc.com/licence/g8370151_8/customer?license_id=8370151&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechat...
https://accounts.livechatinc.com/static/postmessage.html

553 B
493 B

135ms
135ms

Document
text/html

23.36.162.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/static/postmessage.html
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/iframe.65100864.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae

Request headers

Referer: https://secure.livechatinc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 365
content-type: text/html
date: Fri, 04 Nov 2022 04:52:39 GMT
etag: "06F41167B22D690E6AD57C16440DEC37558AF6A5"
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 04 Nov 2022 04:52:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://accounts.livechatinc.com/static/postmessage.html#access_token=dal%3AMn2pIc8cRE2hHKyob32phw&entity_id=6951c6be-c0af-44c6-6674-49f1ae88f721&expires_in=28800&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth&token_type=Bearer
pragma: no-cache

POST
H3 202 rum
rum.browser-intake-datadoghq.eu/api/v2/ 0
0 59ms
59ms Ping
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Ajoocasino-(princess_com)%2Cversion%3A1.0.86&dd-api-key=pube5ccec668a34c9c9865ffc4cefd0ab2f&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=b73c0f83-aff3-4171-b2c2-44f9fb000857&batch_time=1667537559403
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 39ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=436588700242637&ev=PageView&dl=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&rl=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&if=false&ts=1667537559558&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667537559557.363771509&it=1667537559277&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 04:52:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/51821255/
Redirect Chain

https://mc.yandex.com/watch/51821255?wmode=7&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e18...
https://mc.yandex.com/watch/51821255/1?wmode=7&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e...

420 B
501 B

56ms
56ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/51821255/1?wmode=7&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&page-ref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A901%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1032290009504%3Ahid%3A234123158%3Az%3A0%3Ai%3A20221104045239%3Aet%3A1667537559%3Ac%3A1%3Arn%3A814145206%3Arqn%3A1%3Au%3A1667537559585162175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C34%2C1%2C0%2C0%2C%2C130%2C0%2C2452%2C2452%2C10%2C460%3Acpf%3A1%3Ans%3A1667537556434%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667537560%3At%3AJOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

db7a0fc7bd2ecefd5f6c84570518c5309b49e9572b9ff42bc709cd7f68e4000d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 04-Nov-2022 04:52:39 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.joocasinos2.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 04:52:39 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 04-Nov-2022 04:52:39 GMT
location: /watch/51821255/1?wmode=7&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&page-ref=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A901%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1032290009504%3Ahid%3A234123158%3Az%3A0%3Ai%3A20221104045239%3Aet%3A1667537559%3Ac%3A1%3Arn%3A814145206%3Arqn%3A1%3Au%3A1667537559585162175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C34%2C1%2C0%2C0%2C%2C130%2C0%2C2452%2C2452%2C10%2C460%3Acpf%3A1%3Ans%3A1667537556434%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667537560%3At%3AJOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://www.joocasinos2.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 04:52:39 GMT

POST
H2 200 / Show response
sentry.softswiss.net/api/17/envelope/ 2 B
80 B 22ms
22ms Fetch
application/json 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.softswiss.net/api/17/envelope/?sentry_key=d4f03b5656424d369ad251ea35d2fc65&sentry_version=7

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.115.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.joocasinos2.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
cf-ray: 764abdd4e9ec9b21-FRA
content-length: 2

POST
H2 200 / Show response
sentry.softswiss.net/api/17/envelope/ 2 B
57 B 24ms
23ms Fetch
application/json 104.17.115.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.softswiss.net/api/17/envelope/?sentry_key=d4f03b5656424d369ad251ea35d2fc65&sentry_version=7

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.115.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 04:52:39 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.joocasinos2.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
cf-ray: 764abdd4e9ed9b21-FRA
content-length: 2

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 20ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=436588700242637&ev=PageView&dl=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs&rl=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&if=false&ts=1667537559829&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667537559557.363771509&it=1667537559277&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 04:52:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame 032A 13 KB
13 KB 9ms
7ms Font
application/octet-stream 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Fri, 04 Nov 2022 04:52:39 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: Vpwr56nO4a-mfdsjRQA3N1lOhiIsn5JZ-5L583VMoCdQwKrMU4sJQA==
expires: Sat, 04 Nov 2023 04:52:39 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame 032A 12 KB
13 KB 9ms
9ms Font
application/octet-stream 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Fri, 04 Nov 2022 04:52:39 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: fxiNcFvoxT9I8hmwwa_kah8ZOqqGoxi-TbPFUgTBhyXFm24mgEC-oQ==
expires: Sat, 04 Nov 2023 04:52:39 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=436588700242637&ev=Microdata&dl=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs&rl=http%3A%2F%2Fquasuokbw.aeshahealyourlife.org%2F&if=false&ts=1667537561063&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22JOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1667537559557.363771509&it=1667537559277&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 04:52:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 51821255 Show response
mc.yandex.com/webvisor/ 43 B
148 B 207ms
53ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51821255?wmode=0&wv-part=1&wv-hit=234123158&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs&rn=299945923&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1667537562%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221104045242%3Au%3A1667537559585162175%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1667537562&t=gdpr(14)ti(2)

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:42 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 04-Nov-2022 04:52:42 GMT
content-type: image/gif
access-control-allow-origin: https://www.joocasinos2.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 04:52:42 GMT

POST
H2 200 51821255 Show response
mc.yandex.com/webvisor/ 43 B
73 B 60ms
59ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51821255?wmode=0&wv-part=1&wv-hit=234123158&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs&rn=737454768&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1667537563%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221104045242%3Au%3A1667537559585162175%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1667537563&t=gdpr(14)ti(2)

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:42 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 04-Nov-2022 04:52:42 GMT
content-type: image/gif
access-control-allow-origin: https://www.joocasinos2.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 04:52:42 GMT

POST
H2 200 51821255 Show response
mc.yandex.com/webvisor/ 43 B
176 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51821255?wmode=0&wv-part=2&wv-hit=234123158&page-url=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs&rn=379790512&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1667537564%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221104045243%3Au%3A1667537559585162175%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1667537564&t=gdpr(14)ti(2)

Requested by

Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:43 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 04-Nov-2022 04:52:43 GMT
content-type: image/gif
access-control-allow-origin: https://www.joocasinos2.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 04:52:43 GMT

POST
H3 202 rum
rum.browser-intake-datadoghq.eu/api/v2/ 0
0 52ms
51ms Ping
application/json 2600:1901:0:7047::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Ajoocasino-(princess_com)%2Cversion%3A1.0.86&dd-api-key=pube5ccec668a34c9c9865ffc4cefd0ab2f&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=e98cf7e6-c9ff-4204-bef7-3cca6f4aec4b&batch_time=1667537564186
Requested by: Host: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.aa215bf6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.joocasinos2.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H7YMY879NC&gtm=2oeb20&_p=1233494487&cid=32094207.1667537559&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs&dr=https%3A%2F%2Fwww.joocasinos2.com%2Fde%2Flanding-pages%2Fstandard-welcome-package-up-to-1-000-eur-200-fs%3Fstag%3D16284_63649a933ae604677351e181%26__layerref%3Dhttp%253A%252F%252Fquasuokbw.aeshahealyourlife.org%252F&sid=1667537559&sct=1&seg=1&dt=JOO-Willkommenspaket%3A%20bis%20zu%202.000%20EUR%20%2B%20200%20Freispiele&en=page_view&_et=1674
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H7YMY879NC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.joocasinos2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:52:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.joocasinos2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/3c35f3cc-309a-4a86-968d-dc0841ea1149/8/token	1970-01-20 16:48:17	Name: __lc_cid Value: 6951c6be-c0af-44c6-6674-49f1ae88f721
.accounts.livechatinc.com/v2/customer/3c35f3cc-309a-4a86-968d-dc0841ea1149/8/token	1970-01-20 16:48:17	Name: __lc_cst Value: 8b4679d57ade6e254cd9af201a6a919601a59bc12145f510f3788e3606d623bf86d1790a771bb6947049049acb20a1f9c6522b694331adf5ce9baa99efae
.accounts.livechatinc.com/licence/g8370151_8/	1970-01-20 16:48:17	Name: __lc_cid Value: 6951c6be-c0af-44c6-6674-49f1ae88f721
.accounts.livechatinc.com/licence/g8370151_8/	1970-01-20 16:48:17	Name: __lc_cst Value: 8b4679d57ade6e254cd9af201a6a919601a59bc12145f510f3788e3606d623bf86d1790a771bb6947049049acb20a1f9c6522b694331adf5ce9baa99efae
tracking.m4rv3l.com/	1970-01-20 07:55:29	Name: enc_aff_session_405 Value: ENC03e1d7bc92442207cea498a84990f1dada93ec75bd2d5f40d9503b219be5d4c55d99c47a417bc218dc01dddd154d233943b70be0bbc3d23ce1834a2b239548d565ee20664ad0816590d04418d241ab9ae88e638bc67ad2248f27ba1d0365a14163c9a0f4213991c3c1b8ecf35294d022f2704d7a4fab33fdd3a785ffcf7dfad1f34591702ac68fe25640373e14eea7ecfad43212f778241f3ae7124cd89eae0638f56b6e98e09cbb3df540dc21396c280f9903ef0e4b693b8da3d2217ff2afa6c910e823dd
tracking.m4rv3l.com/	1970-01-20 16:48:17	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDciLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuODcgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
joopartners.com/	1970-01-20 07:55:29	Name: 811786ad1ae74adfdd20 Value: 63649a933ae604677351e181
.joocasinos2.com/	1969-12-31 23:59:59	Name: locale Value: ImRlIg%3D%3D--21017b6e8a9618962d0906c290474cdca8008712
.joocasinos2.com/	1970-01-20 07:55:29	Name: referral_params Value: eJwdyjsOgCAMANDT6GiEYtHBwcVrkJpUMJKgfGK4vcblTS9lsrNAOSqDgGqiCYAYe4VawyBYjKI1xlPlGHmfXc5XIwdYPuT6cxdKJZzb0xEnR47J11CiP3buQrT%2FeQEIVB%2FR
.joocasinos2.com/	1970-01-20 07:55:29	Name: stag Value: IjE2Mjg0XzYzNjQ5YTkzM2FlNjA0Njc3MzUxZTE4MSI%3D--802ec90b1a512cf2476e6ce065fc3f23cb15b34e
www.joocasinos2.com/	1970-01-20 16:48:17	Name: _omappvp Value: rEwd6x6MmisWQc82cKjQhy3e7xXwHZXvgWpJMTOFSoTZ4bhtG0DVPXz8ffo2NN35xui234ng8AXwogegMye4iSQ96nfQNvNB
www.joocasinos2.com/	1970-01-20 07:12:18	Name: _omappvs Value: 1667537557040
www.joocasinos2.com/	1970-01-20 15:57:53	Name: optiMonkClientId Value: e1c08b47-656e-ee56-78cc-798306e6f61f
.joocasinos2.com/	1970-01-20 15:57:53	Name: _cioanonid Value: 7c1ce9ff-c6b5-0e11-c71b-c18e04ddd973
.joocasinos2.com/	1970-01-20 15:57:53	Name: _ym_uid Value: 1667537559585162175
.joocasinos2.com/	1970-01-20 15:57:53	Name: _ym_d Value: 1667537559
.joocasinos2.com/	1970-01-20 16:48:17	Name: _ga Value: GA1.2.32094207.1667537559
.joocasinos2.com/	1970-01-20 07:13:43	Name: _gid Value: GA1.2.2019585374.1667537559
.joocasinos2.com/	1970-01-20 07:12:17	Name: _gat_UA-125317781-1 Value: 1
.mc.yandex.com/	1970-01-20 07:12:18	Name: sync_cookie_csrf Value: 2733412546fake
.joocasinos2.com/	1970-01-20 07:13:29	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 07:12:18	Name: sync_cookie_csrf Value: 3642896748fake
.joocasinos2.com/	1970-01-20 15:57:53	Name: _hjSessionUser_1296269 Value: eyJpZCI6IjVjYTc3ZmUwLTc0YmUtNTY2Yi1hMmY2LWM5YTNmNDJjMGE5NCIsImNyZWF0ZWQiOjE2Njc1Mzc1NTk0MjcsImV4aXN0aW5nIjpmYWxzZX0=
.joocasinos2.com/	1970-01-20 07:12:19	Name: _hjFirstSeen Value: 1
www.joocasinos2.com/	1970-01-20 07:12:17	Name: _hjIncludedInSessionSample Value: 0
.joocasinos2.com/	1970-01-20 07:12:19	Name: _hjSession_1296269 Value: eyJpZCI6ImI4ZWJkNDQwLWJlM2ItNDlkZS1hNzM0LWY5NGQxZmJmY2E4OSIsImNyZWF0ZWQiOjE2Njc1Mzc1NTk1MzcsImluU2FtcGxlIjpmYWxzZX0=
.joocasinos2.com/	1970-01-20 07:12:19	Name: _hjAbsoluteSessionInProgress Value: 0
.joocasinos2.com/	1970-01-20 09:21:53	Name: _fbp Value: fb.1.1667537559557.363771509
accounts.livechatinc.com/	1970-01-20 07:12:17	Name: __oauth_redirect_detector Value: counter=1&t=1667537589&tag=b66097896e5f1bda3d277a9a93ddcf6f97e16a4b
.yandex.com/	1970-01-20 15:57:53	Name: yandexuid Value: 5851026411667537559
.yandex.com/	1970-01-20 15:57:53	Name: yuidss Value: 5851026411667537559
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 37305081667537559
.yandex.com/	1970-01-20 16:48:17	Name: i Value: q3Sn3VqMhUvr+kf+WAjrALh2mNiM7mMpjvlZsHVwFEDiq0d0GOKAyKHhugfQX0PNptzaH4i2gSpw+8cZr4+0CzuMA/g=
.yandex.com/	1970-01-20 15:57:53	Name: ymex Value: 1699073559.yrts.1667537559#1699073559.yrtsi.1667537559
.joocasinos2.com/	1970-01-20 07:12:19	Name: _ym_visorc Value: w
.joocasinos2.com/	1970-01-20 16:48:17	Name: _ga_H7YMY879NC Value: GS1.1.1667537559.1.1.1667537560.0.0.0
www.joocasinos2.com/	1970-01-20 07:12:18	Name: _dd_s Value: rum=2&id=df3cbb73-5e08-4c31-a449-f8c011d030d2&created=1667537556811&expire=1667538456812

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.omappapi.com/v2/embed/155955?d=joocasinos2.com Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9812.El2iXxbCtv_JaW1qysgOAq21BV8V2XtucKByw6DioDKsuPgJfVocqjBxb4ksxHG_gXpchV3tn0Y4Weznr8DPSQ%2C%2C.CEVe_L2fvsp0v545I9X9Sdl0n_s%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d4d5e53-57bf-4790-9fe6-1fe679506a1b.snippet.antillephone.com
a.omappapi.com
accounts.livechatinc.com
api.livechatinc.com
api.omappapi.com
assets.customer.io
cdn.livechatinc.com
cdn.mouseflow.com
cdn.onesignal.com
cdn2.softswiss.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
gs-cdn.optimonk.com
jfapiprod.optimonk.com
joocasino.live
joopartners.com
mc.yandex.com
mc.yandex.ru
onesignal.com
payments-lib.cdn.s7s.ai
quasuokbw.aeshahealyourlife.org
region1.google-analytics.com
rum.browser-intake-datadoghq.eu
script.hotjar.com
secure.livechatinc.com
sentry.softswiss.net
static.hotjar.com
stats.g.doubleclick.net
track.customer.io
tracking.m4rv3l.com
vars.hotjar.com
www.facebook.com
www.formsnatke.com
www.google-analytics.com
www.googletagmanager.com
www.joocasino.com
www.joocasino.live
www.joocasinos2.com
104.17.115.131
104.18.35.11
104.18.42.221
108.138.7.118
108.156.60.55
138.199.37.226
151.139.128.11
157.245.25.14
172.64.144.106
172.64.146.204
176.34.200.217
18.66.147.116
185.141.164.9
185.59.220.194
185.83.144.222
188.114.96.3
2001:4860:4802:32::178
2001:4860:4802:32::36
23.36.162.17
23.36.162.71
2600:1901:0:7047::
2600:9000:211e:b400:11:9cfd:9400:93a1
2600:9000:223c:6c00:b:5f76:2600:93a1
2606:4700::6812:e234
2a00:1450:4001:80f::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9a
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.117.177.207
35.227.225.220
52.222.214.101
0466d8aaa2d7cf4a6270a1099bcd87b1f888ec3b2cc3602b082806497c7774ce
079fc7379f4694d8d44630039ae5d4148acebe8ef61b82748bf70c76b6024bfc
08022c77620e37c5dafd37b485dcaca376962c6911cde6e178ca64f8ff6fd1fd
0885821afdc8a7ada5b34dfd1ed77ca8029870f5aee205b9587752481de37264
0ffb8c54467ae566df5efb670b905ca16e5e289556fa32dbc2df58ae32e8d42a
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
1134f572c0d1d985517d740e8ae6d2008f9c424c56837d555464df1a11025a2c
18e807854bdeb5ab195abd56559c6f3e8a5712b433f15a84fc25856686ee5532
1b0caac0bb1cb7f53b6b0822400292702deeb03385bcb3639aae1f59e433419a
1d4139c3225b7800b97932ecb40b0716a45de527467b9dd641980ccac39f4895
1d474997a373e4aa65e7304d0ce4a1232e255b3761282fb9bb4addee33ba01be
1f2f2c7f29fb287b16f64405066f0a9938edee6a91d5690dae7be8d62f3cb805
272dcddfdd753d0c9eeb08c23fb04be7b5b28c5f3e1289eefae72f90c5e0c417
287904e72a59305352cb47c95e7134387305873bb84adc377fbb0955df817466
2a5136e4ce5619d954ea4b89c17978a66bb07e825c6f74d4ee1f2dd411c2131c
2c31f8bb314c9d47e89662daac66d55d23a2db294da120978e1d33438b992b73
31b4a10e6ff75662247af1ad3eeee8d995115917f9a43a221eab8e328a58fab6
3e746f251d740251b643a3a53f6514ab9477c1867f45862155839633ab52d3ee
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4687404ff6dc29d0f95acc9cf20f2023a6f8c4a6fc0e76aa239850b4ef86d991
4704753282ed83afb0f2d50ee4f58590fcd491f7f1e0a4f676410d9b3cdc4595
485ba278c0b09ed8f37734dc11a180196c5456688b929f83f18b77c3630cc48f
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
503b72121bef0bcd9f5d7022c04ad0159cb04490f6f88908137be8a747dba0bb
52833961d49341a3c469ee39ce7a4062ea8de0555165ff53777c878ab523b38c
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4e04ddcd872bf3755f30de95f3d4996a7a1fc1579f7b91bc76cce93baba00
56739b656d4d73286dfd9e28a79b14e4986094c6f35b5ee765940cb1911d2cd0
5da6e407387467dd4c90789cf7e3948f67be7ecbe2b482d243f85de8fe45e386
5df6b26e5a00ed5c3a5d2a9aff8fffec3e0d8a413b425510d58c3daa0b44dd5d
6101017761d7515e619c6addb716813f42ea211f00e42412baf5109c08363d92
6721864f43c54b191639f0da7e42f70ea647048ffe4d78d6eca79e8927ac6c43
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8f3c7e7e17c973a83acb5a27f1b5426c947105cb221b021a20b73cf069cc99
6ecb933a415566e1d91f0f4c0a108cd44c115d4c22597db766360c343f049e84
701a8084c52ba8d9429d83bdcfd18a015cbf278c4b54385be5705f2a3dc17d2e
710eaf5de9e92f3e678aaa8c5789dc4fd9a7537ba964c94041f28f415f6adc7a
72006d81d8e2e779e60db60bf0bdecfae011822b76e1f8dc688d6b27d775f2d8
727305f298e0181826720125a4d5dfcb7ba203b1ec2f3b5ade8849de7fd4e8da
73d016ea85b0377e240929bbdfa16d1c3d8e7ff94c6031dbfe579dbb85f38ee7
75f27772440e1088a13870476339046d464085306a299ae77bab075fda7324b6
7798de03b6c1c413f02a217706c2d2184eef3b65b5ee5a4acc580199c8194e78
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
7cc1dad58e6bec791b843be1ab166dba1ae38495fcce9d82dcc25b77d4595474
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ededff02718be09a59e2914ca23d1ebd61ccd84848e14c137efb080714423ef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
85249594aaf9a7158807bbb31187e1b27fea03a4eb79cd50e9cf8a769017e8d7
85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df
86af09d351c0a3be01506ecbff333a4e35474f82442f1fd632a609626e3cd6f8
87d4a08e36012c4023795840f8e7229d2463514283d829af0232fdd09f3af4fc
8f1c964b984656921b9905dbade6b53106a93729ed41977662f3a6882a843322
909b8eecd82f0fe5104788596b709eacec95421bf61a8265f1b0d1405de11fc7
918167527bdb7c3a2cf06631f02c20d9505625b20e77ec453804c842cc196f00
91b446334115a2e5d06dd0b5f0b0382c3943a76a69de89d91cae7f4cc967a045
93378c79bf3938bf62116cbda4038e79ce4aa5ec56c906192f7b5d141cdf1c73
93967d165e5eec38cc43df0c486ae0f4e89af2c9e8a674e7c8c3c2a20d98ec4f
96761d41e062b92d3cf8328eb49c18a86dd6a7af96fd752ee955c9078bf493f4
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
9afe81999294e4c26cb5c9e4933f79e0c98bdf33e09c39d01fc569a8ae361a0f
9b181cbe191e567bafea6cd601bf74c4d8fcb92c92f1b8239397b2346cb5d3c0
a11849ca516f93f71253486d07b192542bbdc550ee18e5458e76b89bcd403e88
a2a8fe9937142fec97a094bab0238491f836de170b7b26487d0161eace8f7ce8
a507fceafe6b62abaa2930d9fa6ddf857f26d1c9273a5f5e228beb517bd5dc99
a6d6cebc51593fc28f880332d862320be0535654a9cba447a6ff05046d1671fb
a86b50faf5d959344444e64c626bdf8ded70acb431b44519105ba4cecc2d3a3e
a89790c70b7e27999279ce1fe87048f0c27b03231531214e03671eac5e0aee58
a97bdd935a8caa831e5f58f194e31ca58d97a547e5e6f0feb83cd79e2c109868
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0cd51fcbe153ede82381a02014f66d8d2d0fd5d4e3126cf5b8e20290250ab8d
b27cb23fe25a2d8ee82715db8d05e8880c5691726cd8a9bdb2f3775a8605c700
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
baf92e3ce0c1e541c476b6219fc55ba9ddc19f4b96d98906147e871b5d1f77fc
c07f480f3dbaf364d648c2639124066093afde6ff8e16cdc8471fba2d7516541
c18fa9cc0e6c0d2e52ea2c16385e1de3bef15822ffe047ba280c4c4ad96a5058
c5a9862297aade5bb5f17b23bb5d69ffc7a4d2e9e2ee9f012058b9847856bf2d
c8904e3972e2d84a7e2f4e93b99b991cddf5039156cacbaa1b900bc35b266d97
c9e0ee7ae1c4e56f142201efaf028e1f2cf71a39fba1311d44e152c9848605f9
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
ccbfcebf570b5d1f7b2eee143293bf8d5153d79ad8523f729c7906d5ac1de947
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d45014fa88918c35f5c3401458f0a26c0f45fe6132fc31a227b186ebe55d5d84
db7a0fc7bd2ecefd5f6c84570518c5309b49e9572b9ff42bc709cd7f68e4000d
ddc5c262549048a80cc3d9fcaa3175b54de291e34e299ca2616865bca892d7a1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7631275f425df38038e0dda0ccd175cfc7dbfaf74dcf115a43b7e76eb8b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6105b3a061e881af95449e0e5d1bb9944f7442774a9fb3edf90fe8e6e50f780
e84719adeec11448970536601cdbf51e677c23c329c700192f560d5cc3639e60
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
ebe500e8da630b873b03057441fdf2185dbbcdeadf52a8720937ba1e67f21d83
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f707d25ffacc091a4e503e2f589aba90ac0569d539c5204aa445a7ace896295d
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fb4c9d8245c225f80816fe88a3ccc7d00ea195007e7ed63841082fb26adfa65d
fff7a13973f005a58bddb0971072ab53dd409025a8218d2b632303f7653ef2a1

www.joocasinos2.com Open in urlscan Pro 172.64.146.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

97 %HTTPS

38 %IPv6

27 Domains

40 Subdomains

32 IPs

8 Countries

8818 kBTransfer

21112 kBSize

37 Cookies

13 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.joocasinos2.com Open in urlscan Pro
172.64.146.204 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

97 %
HTTPS

38 %
IPv6

27
Domains

40
Subdomains

32
IPs

8
Countries

8818 kB
Transfer

21112 kB
Size

37
Cookies

129 HTTP transactions
2 data transactions