14icecazino.com Open in urlscan Pro
2a05:7880:759:637f:bbb8:95d7:26e2:40b2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://2023newyearazody.ru.com/
Effective URL:
https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref...
Submission Tags: phishingrod
Submission: On September 18 via api (September 18th 2023, 1:40:42 am UTC) from DE — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 16 domains to perform 79 HTTP transactions. The main IP is 2a05:7880:759:637f:bbb8:95d7:26e2:40b2, located in Cyprus and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is 14icecazino.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 11th 2023. Valid for: a year.

This is the only time 14icecazino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:a178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:9ac0:6d:... 2a06:9ac0:6d:6369:aaa2:7aee:3da2:38f2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 6	2a07:180:501:... 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
27	2a05:7880:759... 2a05:7880:759:637f:bbb8:95d7:26e2:40b2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
9	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:b000:b:c730:d5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:e00:8:c78b:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a06:9ac0:6af... 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
79	14

1 2606:4700:3034::ac43:a178 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2023newyearazody.ru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

l1l.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:9ac0:6d:6369:aaa2:7aee:3da2:38f2 (Virgin Islands (British)) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

ehufgtds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4 (Belize) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

henedescahekiat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a05:7880:759:637f:bbb8:95d7:26e2:40b2 (Cyprus)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

14icecazino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.14icecazino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b000:b:c730:d5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

f984de66-04c8-4f62-bfa6-e7b20817c106.seals-emr.certria.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:e00:8:c78b:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

b168a673-8a8b-43fc-91d4-73343f080ed1.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 (Virgin Islands (British))

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

widget.yhelper.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	14icecazino.com 14icecazino.com stat.14icecazino.com	1 MB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	42 KB
9	yhelper.net widget.yhelper.net — Cisco Umbrella Rank: 438540	397 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	649 KB
6	henedescahekiat.com 1 redirects henedescahekiat.com	567 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	277 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2787	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5677	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	404 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	53 KB
1	antillephone.com b168a673-8a8b-43fc-91d4-73343f080ed1.snippet.antillephone.com	2 KB
1	certria.com f984de66-04c8-4f62-bfa6-e7b20817c106.seals-emr.certria.com	2 KB
1	ehufgtds.com 1 redirects ehufgtds.com	600 B
1	l1l.pw 1 redirects l1l.pw	670 B
1	ru.com 1 redirects 2023newyearazody.ru.com	880 B
79	16

	Domain	Requested by
26	14icecazino.com	henedescahekiat.com 14icecazino.com
9	widget.yhelper.net	14icecazino.com widget.yhelper.net
9	www.googletagmanager.com	henedescahekiat.com www.google-analytics.com www.googletagmanager.com
6	region1.google-analytics.com	www.googletagmanager.com
6	henedescahekiat.com	1 redirects henedescahekiat.com
5	www.google-analytics.com	henedescahekiat.com www.google-analytics.com www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	14icecazino.com client
2	www.google.de
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google.com	14icecazino.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	connect.facebook.net	henedescahekiat.com
1	b168a673-8a8b-43fc-91d4-73343f080ed1.snippet.antillephone.com	14icecazino.com
1	f984de66-04c8-4f62-bfa6-e7b20817c106.seals-emr.certria.com	14icecazino.com
1	stat.14icecazino.com	14icecazino.com
1	ehufgtds.com	1 redirects
1	l1l.pw	1 redirects
1	2023newyearazody.ru.com	1 redirects
79	20

This site contains no links.

Subject Issuer	Validity	Valid
henedescahekiat.com Cloudflare Inc ECC CA-3	`2023-08-31` - `2024-08-29`	a year	crt.sh
14icecazino.com Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-10`	a year	crt.sh
stat.14icecazino.com Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.seals-emr.certria.com AlphaSSL CA - SHA256 - G4	`2023-07-24` - `2024-08-24`	a year	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2023-04-02` - `2024-05-03`	a year	crt.sh
widget.yhelper.net Cloudflare Inc ECC CA-3	`2023-08-09` - `2024-08-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
Frame ID: E21F69B8EB4B2BF2BCE481ACCFAF3572
Requests: 67 HTTP requests in this frame

Frame: https://widget.yhelper.net/iframe/
Frame ID: 1D134E51447D5C5AB561221D1BFBF328
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Registrierung im ICE Casino

Page URL History Show full URLs

https://2023newyearazody.ru.com/ HTTP 302
https://l1l.pw/c5nmpm/koticede?track_id=1he79qkvd8e1 HTTP 302
https://ehufgtds.com/11134/26787?param=27188&clickid=147140906 HTTP 302
https://henedescahekiat.com/ice/p7100?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=... HTTP 302
https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&... Page URL
https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&p... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

79
Requests

100 %
HTTPS

100 %
IPv6

16
Domains

20
Subdomains

14
IPs

6
Countries

3242 kB
Transfer

8314 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://2023newyearazody.ru.com/ HTTP 302
https://l1l.pw/c5nmpm/koticede?track_id=1he79qkvd8e1 HTTP 302
https://ehufgtds.com/11134/26787?param=27188&clickid=147140906 HTTP 302
https://henedescahekiat.com/ice/p7100?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE HTTP 302
https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister Page URL
https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://2023newyearazody.ru.com/ HTTP 302
https://l1l.pw/c5nmpm/koticede?track_id=1he79qkvd8e1 HTTP 302
https://ehufgtds.com/11134/26787?param=27188&clickid=147140906 HTTP 302
https://henedescahekiat.com/ice/p7100?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE HTTP 302
https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

https://2023newyearazody.ru.com/
https://l1l.pw/c5nmpm/koticede?track_id=1he79qkvd8e1
https://ehufgtds.com/11134/26787?param=27188&clickid=147140906
https://henedescahekiat.com/ice/p7100?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE
https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b4...

3 KB
992 B

70ms
69ms

Document
text/html

2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52977ced9048bc77bdef4418c90dd8a8583d620a305c39696b9f814819da45a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8085e1b6faf12ba2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 01:40:35 GMT
server: cloudflare

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8085e1b66a842ba2-FRA
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 01:40:35 GMT
location: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
server: cloudflare

GET
H2 200 bundle-341220101100.min.js Show response
henedescahekiat.com/assets/js/ 35 KB
15 KB 30ms
29ms Script
application/javascript 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henedescahekiat.com/assets/js/bundle-341220101100.min.js
Requested by: Host: henedescahekiat.com
URL: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72bd990665a3e23e453cbc32142e0adc634dcf9ce65098207d7697807daa6730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 14:54:47 GMT
server: cloudflare
age: 6693
etag: W/"64ecb537-8b65"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8085e1b77b4a2ba2-FRA

GET
H2 200 lm-1.0.0.min.js Show response
henedescahekiat.com/assets/js/ 189 B
217 B 31ms
31ms Script
application/javascript 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henedescahekiat.com/assets/js/lm-1.0.0.min.js
Requested by: Host: henedescahekiat.com
URL: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0405fc1f27636448050c4f267b89d9d75250af8f5eb0d0720bfafc5b64090a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 14:54:47 GMT
server: cloudflare
age: 6695
etag: W/"64ecb537-bd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8085e1b77b4c2ba2-FRA

GET
H2 200 ms-1.0.3.min.js Show response
henedescahekiat.com/assets/js/ 817 B
455 B 34ms
34ms Script
application/javascript 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henedescahekiat.com/assets/js/ms-1.0.3.min.js
Requested by: Host: henedescahekiat.com
URL: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08dd5a669ddce08beff7fcd7ca5bd30984f8862ac2c2811e70b1b60209a35399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 14:54:47 GMT
server: cloudflare
age: 2840
etag: W/"64ecb537-331"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8085e1b77b502ba2-FRA

GET
H2 200 ice.gif
henedescahekiat.com/assets/img/meta-redirect/ 549 KB
550 KB 47ms
46ms Image
image/gif 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henedescahekiat.com/assets/img/meta-redirect/ice.gif
Requested by: Host: henedescahekiat.com
URL: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31f8e72213757385a19d7209cacd13de382b710e5d53f061323f57a0318c567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 14:54:47 GMT
server: cloudflare
etag: "64ecb537-8956e"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8085e1b7ab7e2ba2-FRA
content-length: 562542

GET
H2 200 blank.gif
14icecazino.com/ 43 B
528 B 131ms
59ms Image
image/gif 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://14icecazino.com/blank.gif?1695001235257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henedescahekiat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
x-envoy-upstream-service-time: 0
accept-ranges: bytes
cf-ray: 8085e1b8de165c68-FRA
content-length: 43
x-request-id: 5e490078-61be-432d-97be-daf2aace37b7
expires: Mon, 18 Sep 2023 05:40:35 GMT

GET
H2 200 Primary Request register Show response
14icecazino.com/de/ 61 KB
23 KB 188ms
186ms Document
text/html 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f

Requested by

Host: henedescahekiat.com
URL: https://henedescahekiat.com/assets/js/ms-1.0.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9469f92a989313a425d2565aaf7bc7ec906ee682e973e2ee8d0148c5a21a1b8b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://henedescahekiat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8085e1b94e4c5c68-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 01:40:35 GMT
link: </static/133415/assets/css/popups.css>; rel="preload"; as="style",</static/133415/assets/css/main.css>; rel="preload"; as="style",</static/133415/assets/js/main.js>; rel="preload"; as="script",</static/133415/assets/js/svg-icon-polyfill.min.js>; rel="preload"; as="script"
server: cloudflare
vary: Accept-Encoding
x-envoy-upstream-service-time: 121
x-frame-options: DENY
x-request-id: f5bbde24-a4e2-4712-a122-243c43f42cc9
x-upstream: 1

GET
H2 200 popups.css
14icecazino.com/static/133415/assets/css/ 100 KB
19 KB 31ms
30ms Stylesheet
text/css 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b048592169543fe802780fde1fd467f163b71b113ec5f5c0100c77226dbf61f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843378004605C2
age: 465280
cf-polished: origSize=102573
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: a8a7b504-4761-4e9b-b35b-623758e0edcf
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:24:56 GMT
server: cloudflare
etag: W/"b4c6bbeb4916697ee32b8d9bf8a6b4a7"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 8085e1ba7ee35c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 main.css
14icecazino.com/static/133415/assets/css/ 432 KB
68 KB 36ms
35ms Stylesheet
text/css 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4cddd57270b15edb1db18beaeadb3f629729ce376f5cb2c43fe77acde584a1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: MISS
cf-cache-status: HIT
x-amz-request-id: 178433762E1AAFE5
age: 465280
cf-polished: origSize=442564
content-encoding: br
x-cache: MISS
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: 4a1de1da-036e-435b-9593-fbbb86743420
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:24:56 GMT
server: cloudflare
etag: W/"bd527f04488e76a013c05d35a9763a57"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 8085e1ba7ee45c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 main.js Show response
14icecazino.com/static/133415/assets/js/ 2 MB
449 KB 39ms
38ms Script
text/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6fc55e02f4eae35fd40a5f0ef1da9d258b91ada0d958029ebedfeda1908d7fb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843377D51CE33B
age: 465280
cf-polished: origSize=2264557
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: b5a1309f-3769-4534-979e-8efef0d8736c
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:25:01 GMT
server: cloudflare
etag: W/"977b01f50fa951f0b797d7e9ab1df940"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 8085e1ba7ee75c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 svg-icon-polyfill.min.js Show response
14icecazino.com/static/133415/assets/js/ 1 KB
1 KB 28ms
28ms Script
text/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/js/svg-icon-polyfill.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d3683d95a29d788e711e51c505dfa9cf92dd9911611aa4e726cd0490d74ea0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 178433765BEB8FD5
age: 465280
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: ea7930da-7e4f-4af9-ae93-8cde78d22451
last-modified: Tue, 12 Sep 2023 16:25:01 GMT
server: cloudflare
etag: W/"71e1cbc5c04bbc894ad147e21203a193"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 8085e1ba7ee95c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 rocket-loader.min.js Show response
14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
25ms Script
application/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 15:48:14 GMT
server: cloudflare
etag: W/"6500883e-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8085e1ba7eea5c68-FRA
expires: Wed, 20 Sep 2023 01:40:35 GMT

GET
H2 200 font.png
stat.14icecazino.com/ 95 B
297 B 103ms
48ms Image
image/png 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.14icecazino.com/font.png?project=icecasino&uniqueId=1c2649d8-0a6c-4ad0-96ef-fdd12ab16b8e&isAuth=0&action=visit&refCode=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&affData=
Requested by: Host: 14icecazino.com
URL: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 01:40:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8085e1baff369201-FRA
content-length: 95
expires: Mon, 18 Sep 2023 05:40:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
44 KB 85ms
32ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56PG3ZT

Requested by

Host: henedescahekiat.com
URL: https://henedescahekiat.com/m1219/check/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f&_fragment=%21%2Fauth%2Fregister

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13bbffdd54e0b21a5c2e13ae217147025501ec1bf9dc834eb9294ce1c170daa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44292
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Sep 2023 01:40:35 GMT

GET
H2 200 rocket-loader.min.js Show response
14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
23ms Script
application/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 15:48:14 GMT
server: cloudflare
etag: W/"6500883e-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8085e1baaf035c68-FRA
expires: Wed, 20 Sep 2023 01:40:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,500,600,700&subset=cyrillic

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e9ef5355342a77d2e11dfc11fc0afccecf65c084241b030a19a629dbfa5a1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 01:40:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 01:40:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
817 B 90ms
40ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600,700,900&subset=latin-ext

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d2f192eb698e6c1110e2fe71fba82baa92d44a3324c4f2ecf97fdc92c98c7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:50:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 01:40:35 GMT

GET
H2 200 bg-desktop.jpg
14icecazino.com/static/133415/assets/img/frontend/preview/ 72 KB
72 KB 32ms
31ms Image
image/jpeg 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/preview/bg-desktop.jpg

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de13b14fc576513695b1f0a0b5529f81992003091cd917ca2c21c0a4238eec2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/static/133415/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 1784337B89B5FD6E
age: 465142
cf-polished: degrade=85, origSize=423769, status=vary_header_present
x-cache: HIT
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: fd1b9933-6fe1-4f16-ab75-842ae5a9299d
cf-bgj: imgq:85,h2pri
last-modified: Tue, 12 Sep 2023 16:24:59 GMT
server: cloudflare
etag: W/"5e85f19bc0a2bacc3d09b7e5b46c4bb0"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/jpeg
cache-control: public, max-age=315360000
cf-ray: 8085e1bb6f4e5c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 112ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,500,600,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://14icecazino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:27:54 GMT
x-content-type-options: nosniff
age: 285161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:27:54 GMT

GET
H2 200 popups.css
14icecazino.com/static/133415/assets/css/ 100 KB
19 KB 34ms
34ms Stylesheet
text/css 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/css/popups.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b048592169543fe802780fde1fd467f163b71b113ec5f5c0100c77226dbf61f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843378004605C2
age: 465280
cf-polished: origSize=102573
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: a8a7b504-4761-4e9b-b35b-623758e0edcf
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:24:56 GMT
server: cloudflare
etag: W/"b4c6bbeb4916697ee32b8d9bf8a6b4a7"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 8085e1bb6f505c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 emr-seal.js Show response
f984de66-04c8-4f62-bfa6-e7b20817c106.seals-emr.certria.com/ 3 KB
2 KB 124ms
33ms Script
text/javascript 2600:9000:214f:b000:b:c730:d5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f984de66-04c8-4f62-bfa6-e7b20817c106.seals-emr.certria.com/emr-seal.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:b000:b:c730:d5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3e5280f3788dd7734446485ed51dde98d3c0b0f762f2ba7898a393daec9995c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: FRA53-C1
age: 11
x-powered-by: Express
etag: W/"c28-33vqN3L8iJk9n+s2ap9ZgR4Q6GQ"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8085e171cd7f0410-FRA
x-amz-cf-id: TxlCvgQ3UwlDre8ufAGd2r8kmYO6C7DjLDZkHxV9I2it_PsH_YR_LQ==

GET
H2 200 apg-seal.js Show response
b168a673-8a8b-43fc-91d4-73343f080ed1.snippet.antillephone.com/ 3 KB
2 KB 117ms
27ms Script
text/javascript 2600:9000:225e:e00:8:c78b:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b168a673-8a8b-43fc-91d4-73343f080ed1.snippet.antillephone.com/apg-seal.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:e00:8:c78b:2540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7dcfc48e155f7328d455d9e99fcdbddd947ee3208718021f3cadd741c1a0268a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: FRA60-P4
age: 11
x-powered-by: Express
etag: W/"c33-ACapCWHl654rnI7hrQept3a15Yo"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8085e1720f8d9a18-FRA
x-amz-cf-id: 0-_xgxdKgHKG_f7owz3vRASWkeHre35zxpVFn3yQqcIcR5Bsk79AJA==

GET
H2 200 widget.js Show response
widget.yhelper.net/ 41 KB
13 KB 136ms
46ms Script
application/javascript 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/widget.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f9bf88a9c9193b4f9affae05d1e201864a2b1ba7b594ece9a4fc9f3cd8955a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Monday, 18-Sep-2023 01:40:35 UTC
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 8085e1bbfd3d1e54-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 121ms
31ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efd33d3afc3307ee13547105529db5496080e1f2ad0480a8f748079b4673a6cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 858
x-xss-protection: 1; mode=block
expires: Mon, 18 Sep 2023 01:40:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 86ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Sep 2023 01:40:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: w2At8p6tmAPJoaa5uOnMdcdPLyKizrhg16TPvv22x3hKW/ETV1liSkvlJ0vOfeiPL71PAzg/yurl68mDfvB42Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Sep 2023 23:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 18 Sep 2023 01:44:21 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ 455 KB
184 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14icecazino.com/
Origin: https://14icecazino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 11:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 11:08:34 GMT

GET
H2 200 930.20d3e5849d8d815fca7e.js Show response
14icecazino.com/static/133415/assets/js/chunks/ 23 KB
10 KB 34ms
34ms Script
text/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/js/chunks/930.20d3e5849d8d815fca7e.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37be72721fe28d17052e8acaf950acfd50b8749b0e212001c0d585de30be04f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17848E7D1AD070F4
age: 365208
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 24
x-xss-protection: 1; mode=block
x-request-id: a6f1509f-a7a7-40ba-98b1-13b9f9303648
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:25:01 GMT
server: cloudflare
etag: W/"4d7e96a3766d852ff32e91bbc5a0a861"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 8085e1bcbff25c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 528.24b4be04985ac2b8d870.js Show response
14icecazino.com/static/133415/assets/js/chunks/ 9 KB
3 KB 31ms
31ms Script
text/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/js/chunks/528.24b4be04985ac2b8d870.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d02e095963d047fba79f2c5bbe6c7b882490dbef4d505cd926664a1c2dbf2f08

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:35 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 1785BC917D168FB0
age: 33068
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 27
x-xss-protection: 1; mode=block
x-request-id: 3721e8c6-ae5b-48f3-97b7-1d8e948823e5
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:25:01 GMT
server: cloudflare
etag: W/"4e4987bc4958487f9a9757663020b32d"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 8085e1bcbff35c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:35 GMT

GET
H2 200 popup-auth-wrapper.css
14icecazino.com/static/133415/assets/css/ 2 KB
635 B 34ms
33ms Stylesheet
text/css 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/css/popup-auth-wrapper.css?v=ce2697beb0b632d4a42a

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0bc6d3e7c7d77f1859f702915b0e92946af511d244e6e93a69bacad066299c3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843387DC692D45
age: 465149
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-request-id: 93665299-dbed-4494-a56d-772e0f2b6ca0
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:24:56 GMT
server: cloudflare
etag: W/"706b2604bae8cb715d83c0d099349d03"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 8085e1bd38235c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 popup-auth-wrapper.4fabfdede391802109a5.js Show response
14icecazino.com/static/133415/assets/js/chunks/ 2 KB
1019 B 28ms
28ms Script
text/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/js/chunks/popup-auth-wrapper.4fabfdede391802109a5.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0635619a5d3a6db04d5a2dd2d819272495002d5a1048b692e89c498d370d2bb9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843398110A6316
age: 465148
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 22
x-xss-protection: 1; mode=block
x-request-id: c442389b-316e-4564-929b-b92752106e83
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:25:01 GMT
server: cloudflare
etag: W/"3969997ac41e38fee34356e27ecf3101"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 8085e1bd38255c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 / Show response
widget.yhelper.net/iframe/ Frame 1D13 488 B
459 B 43ms
43ms Document
text/html 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/iframe/

Requested by

Host: widget.yhelper.net
URL: https://widget.yhelper.net/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9141600ee7f2d21182cc1656b94d567d01f2f5e9a0c8d679ed15967c4ed6309

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://14icecazino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 8085e1bd4df31e54-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 18 Sep 2023 01:40:36 GMT
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
221 B 30ms
30ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1816890753&t=pageview&_s=1&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&ul=en-us&de=UTF-8&dt=Registrierung%20im%20ICE%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=774036324&gjid=1006432243&cid=1354343665.1695001236&tid=UA-98516105-1&_gid=2083838789.1695001236&_r=1&_slc=1&z=1470258062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

bb630c1508d89d1dc288ef6dbcff8c766ebee31bc252e8bb9e4e971b0a7faa3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://14icecazino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
14icecazino.com/ 25 B
554 B 190ms
190ms Fetch
application/json 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/graphql

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22d029733257e44801d6f8caa04376c133389cb4add1eafb78f13fe220fccc8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept: */*
X-Gc-Locale: de
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
content-type: application/json

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
x-upstream: 1
cache-control: private
x-envoy-upstream-service-time: 140
cf-ray: 8085e1bd583b5c68-FRA
x-request-id: 9318c75f-751f-4666-874a-0f4996c4e5bb

GET
H2 200 main.2d681b2e.js Show response
widget.yhelper.net/iframe/ Frame 1D13 1 MB
354 KB 47ms
47ms Script
application/javascript 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/iframe/main.2d681b2e.js?7295617861535e3ed069

Requested by

Host: widget.yhelper.net
URL: https://widget.yhelper.net/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f85d9d8a76b3c6b693ef3c66e1fa3fcdea9e1198937dd59c3a8ea76b28f46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache
cf-ray: 8085e1bdbe341e54-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 88ms
30ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-98516105-1&cid=1354343665.1695001236&jid=774036324&gjid=1006432243&_gid=2083838789.1695001236&_u=IEBAAEAAAAAAACAAI~&z=1586304918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://14icecazino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 18 Sep 2023 01:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
84 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZTGWQ6F978&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed00ea9fb3a270bb82513b3d87ec28ab6f0e9615e1d04b5f28492c27c71c1e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 01:40:36 GMT

GET
H2 200 reg-form.css
14icecazino.com/static/133415/assets/css/ 5 KB
1 KB 30ms
30ms Stylesheet
text/css 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/css/reg-form.css?v=42e47a2bccfba050c7dd

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

933089cbc6fe9ccacbea059b45c092de782de7b33c8b6de743892b2f38a9ec37

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: MISS
cf-cache-status: HIT
x-amz-request-id: 178433761F3DDACA
age: 465148
content-encoding: br
x-cache: MISS
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-request-id: 43f48aae-b209-4a6e-8a8f-6225b41ed8f1
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:24:56 GMT
server: cloudflare
etag: W/"2a5a7744cdcbacf67a31c1c61ce79029"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 8085e1bdc8955c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 reg-form.61a9144b9b528e1fc5fe.js Show response
14icecazino.com/static/133415/assets/js/chunks/ 12 KB
3 KB 28ms
28ms Script
text/javascript 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/js/chunks/reg-form.61a9144b9b528e1fc5fe.js

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e23780ce55dd93f3e1f6a2814acf5a9dedce77a9e93966b7d7fd40dde111cca8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 1784337E75023E07
age: 465148
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-request-id: 80289c84-7588-4774-ad42-194a3fbfabf7
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 16:25:01 GMT
server: cloudflare
etag: W/"b7c678d4b60f48c70b578a76d78ec0cb"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=315360000
cf-ray: 8085e1bdc8965c68-FRA
x-amz-meta-mc-attrs: atime:1694534948#0/gid:0/gname:root/mode:33188/mtime:1694534948#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 color.svg
14icecazino.com/static/133415/assets/img/frontend/sprites/ 67 KB
18 KB 30ms
30ms Other
image/svg+xml 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/sprites/color.svg?v

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

423687ebf828fa62a47c094a3e9be985850e16a461c95c52fe8ad163807e275e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843379587554BD
age: 465280
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 23
x-xss-protection: 1; mode=block
x-request-id: 99ab3fc2-f0c3-4a6a-9814-53f6c154b57e
last-modified: Tue, 12 Sep 2023 16:25:00 GMT
server: cloudflare
etag: W/"28b4e01b0f258e9366ce38f5dc1419f0"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 8085e1bdd89d5c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 signup-right-decor.png
14icecazino.com/static/133415/assets/img/frontend/popup/ 100 KB
100 KB 29ms
28ms Image
image/png 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/popup/signup-right-decor.png

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

898b71787602b400df4fec6177db2a8fb0c4393195a7f3685e5b3ad634c971ae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/static/133415/assets/css/popups.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843388DF89E4DE
age: 465138
cf-polished: origSize=111193, status=vary_header_present
x-cache: HIT
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: f5eae37b-2d87-4ae8-af23-bbf4d341bc09
cf-bgj: imgq:85,h2pri
last-modified: Tue, 12 Sep 2023 16:24:59 GMT
server: cloudflare
etag: W/"dd7150313ed24cf90c02f202907d707e"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=315360000
cf-ray: 8085e1bdd8a35c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 reg-footer.svg
14icecazino.com/static/133415/assets/img/frontend/preview/ 4 KB
1 KB 32ms
31ms Image
image/svg+xml 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/preview/reg-footer.svg

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

270b19996d064c86d88d333c1d8bdfe91537798f3b7d42d950d3d5fabdf10300

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/static/133415/assets/css/popups.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843387AF36E0D4
age: 465145
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-request-id: c0c0bf06-d03e-4794-846d-a5086975b8f2
last-modified: Tue, 12 Sep 2023 16:24:59 GMT
server: cloudflare
etag: W/"c1a272876463f556cf750af75eec305a"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 8085e1bdd8a45c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 ice-joker.png
14icecazino.com/static/133415/assets/img/frontend/preview/ 273 KB
274 KB 38ms
38ms Image
image/png 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/preview/ice-joker.png

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/popups.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c94651df1bb422f664b6d0d6b766692d42c64a69ff8ffc05e799508a6cc0b90

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/static/133415/assets/css/popups.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: MISS
cf-cache-status: HIT
x-amz-request-id: 1784338D114C4E1D
age: 465138
cf-polished: origSize=290640, status=vary_header_present
x-cache: MISS
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: e2660700-6be5-48b1-95d7-d319324d2604
cf-bgj: imgq:85,h2pri
last-modified: Tue, 12 Sep 2023 16:24:59 GMT
server: cloudflare
etag: W/"4fe8048920cab795fb0ddbfc2a2ec3bb"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=315360000
cf-ray: 8085e1bdd8a65c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 bonus-bg.png
14icecazino.com/static/133415/assets/img/frontend/preview/ 111 KB
111 KB 32ms
31ms Image
image/png 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/preview/bonus-bg.png

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/popup-auth-wrapper.css?v=ce2697beb0b632d4a42a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f73e4bf9bd6b683e8bd11302d6edc676f1e559b051991f8bbe0ede7d82c0f61

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/static/133415/assets/css/popup-auth-wrapper.css?v=ce2697beb0b632d4a42a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 1784337A99A889C7
age: 465145
cf-polished: origSize=135581, status=vary_header_present
x-cache: HIT
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: af87ab74-fff2-428a-99a4-62aa1542f5c3
cf-bgj: imgq:85,h2pri
last-modified: Tue, 12 Sep 2023 16:24:59 GMT
server: cloudflare
etag: W/"eedabf41d41f2ee41b8bb6201699daf8"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=315360000
cf-ray: 8085e1bdd8a85c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 reg-bonus.svg
14icecazino.com/static/133415/assets/img/frontend/preview/ 13 KB
2 KB 34ms
33ms Image
image/svg+xml 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/preview/reg-bonus.svg

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/popup-auth-wrapper.css?v=ce2697beb0b632d4a42a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b6f0b1327160a4bb6df1abc7081ea364ba445a3d0f6ab49f2da14be639ecddc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/static/133415/assets/css/popup-auth-wrapper.css?v=ce2697beb0b632d4a42a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: MISS
cf-cache-status: HIT
x-amz-request-id: 1784337A99BE361F
age: 465145
content-encoding: br
x-cache: MISS
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 4cd8c8f9-7780-4ddc-b273-b62ec2146c2d
last-modified: Tue, 12 Sep 2023 16:24:59 GMT
server: cloudflare
etag: W/"5cdf1cd545b4ffce10479e393f591b6c"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 8085e1bdd8a95c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 icommon.ttf
14icecazino.com/assets/fonts/frontend/icommon/ 23 KB
23 KB 34ms
34ms Font
application/octet-stream 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/assets/fonts/frontend/icommon/icommon.ttf?v9.7

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a8e581e0c5c67721233cc8dc8daf50381f50db44717db28086a5498c253379c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://14icecazino.com/static/133415/assets/css/main.css
Origin: https://14icecazino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Jul 2023 15:14:32 GMT
server: cloudflare
age: 4546489
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=315360000
x-envoy-upstream-service-time: 0
accept-ranges: bytes
cf-ray: 8085e1bdd8ab5c68-FRA
content-length: 23060
x-request-id: 2cc57db4-ce4e-4b1e-8a78-f0e6a402d395
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 mono.svg
14icecazino.com/static/133415/assets/img/frontend/sprites/ 115 KB
39 KB 33ms
32ms Other
image/svg+xml 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/static/133415/assets/img/frontend/sprites/mono.svg

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

72edaeab99797d7fe150f61cf9d30b14ecef5b487639b38f1da3cc4725cbe691

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-lookup: HIT
cf-cache-status: HIT
x-amz-request-id: 17843377458DCF12
age: 465280
content-encoding: br
x-cache: HIT
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: 1d23700b-2563-4f42-b3ee-7873ac94acf6
last-modified: Tue, 12 Sep 2023 16:25:00 GMT
server: cloudflare
etag: W/"93ad46f458ba5fba22e032b3de5c66e1"
vary: Accept-Encoding,Origin
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 8085e1be18ca5c68-FRA
x-amz-meta-mc-attrs: atime:1694534949#0/gid:0/gname:root/mode:33188/mtime:1694534949#0/uid:0/uname:root
expires: Thu, 15 Sep 2033 01:40:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 34ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98516105-1&cid=1354343665.1695001236&jid=774036324&_u=IEBAAEAAAAAAACAAI~&z=1156188995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 83ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98516105-1&cid=1354343665.1695001236&jid=774036324&_u=IEBAAEAAAAAAACAAI~&z=1156188995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
14icecazino.com/ 11 KB
1 KB 159ms
159ms Fetch
application/json 2a05:7880:759:637f:bbb8:95d7:26e2:40b2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://14icecazino.com/graphql

Requested by

Host: 14icecazino.com
URL: https://14icecazino.com/static/133415/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:7880:759:637f:bbb8:95d7:26e2:40b2 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ec11e17ffb8d7f3686b26f9b66cc83ebd3b66998e9b806e2c96a77a0231f90

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept: */*
X-Gc-Locale: de
Referer: https://14icecazino.com/de/register?atp=27188&goto=sitereg&clickid=147140906&plid=11134&bnid=26787&po=&lang=de&cc=DE&ref=mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188&uuid=9a7f20de02247b428f55c30352e2a7c82bdb023f
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
content-type: application/json

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
x-upstream: 1
cache-control: private
x-envoy-upstream-service-time: 120
cf-ray: 8085e1be78fb5c68-FRA
x-request-id: 7dec23e1-e535-407e-92c4-d2a49410d19d

GET
H2 200 css2
fonts.googleapis.com/ Frame 1D13 20 KB
1 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cea644050f1a2978a6f5c44148a956d568303b6dd8f89fb71b1535e9163a0a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:15:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 01:40:36 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 83ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZTGWQ6F978&gtm=45je39d0&_p=1816890753&_gaz=1&ul=en-us&sr=1600x1200&cid=1354343665.1695001236&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&dt=Registrierung%20im%20ICE%20Casino&sid=1695001236&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTGWQ6F978&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 30ms
28ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZTGWQ6F978&cid=1354343665.1695001236&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZTGWQ6F978&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZTGWQ6F978&cid=1354343665.1695001236&gtm=45je39d0&aip=1&z=1378326109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 4782183d.ChatIncomingInitial.wav
widget.yhelper.net/iframe/src/assets/sounds// Frame 1D13 27 KB
27 KB 44ms
44ms Media
application/octet-stream 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.yhelper.net/iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f61fc75704bbe219317ebe36e8dc5f1c66bebe36b1debd903ae62a5913f35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.yhelper.net/iframe/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
content-type: application/octet-stream
Content-Range: bytes 0-27563/27564
cache-control: no-store, no-cache
cf-ray: 8085e1c02fb21e54-FRA
Content-Length: 27564

GET
H2 200 f688ee8b.hide.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1D13 285 B
263 B 40ms
39ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//f688ee8b.hide.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51f862b0c36e757c81f3d0ebdb719962835fa3c4593ec9d979fbaffdf7c4939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 8085e1c02fb61e54-FRA

GET
H2 200 1c089c1d.close.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1D13 872 B
396 B 39ms
38ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//1c089c1d.close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b723ed8f1f8214896f7c4213859addf841c6f926874cb29c31dee6a8e8f9c47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 8085e1c02fb71e54-FRA

GET
H2 200 3595c686.chat.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1D13 491 B
359 B 72ms
72ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//3595c686.chat.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

819fa453cc85eb531b3b618ab19e66a356d6f08ac68f13012c4440916d7eba4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 8085e1c02fb81e54-FRA

GET
H2 200 119f4539.history.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1D13 642 B
405 B 38ms
38ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//119f4539.history.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b48a53089c76a3425894af1ae567f5f31d7031fd4a2758fb1dfea8d6e00b4b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 8085e1c02fb91e54-FRA

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D13 16 KB
16 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.yhelper.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 461662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D13 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.yhelper.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 358340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 22:08:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-227397607-1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2060d9547cc33b3e2472509ee766d1e09b0289d77c264b924f5b7f744a962f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68749
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 01:40:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
66 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-227397607-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PG3ZT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b802a80f645e7377c5c9dacbc55891bccfc637f3e12cfd64283b1b52480acde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67825
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 01:40:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-227397607-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PG3ZT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87ff5754c1d5dc9e1ddab85f007552809f56030250a6054f38b8200757e135e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68783
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Sep 2023 01:40:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
71 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-313229125&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PG3ZT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8af00fae3b3aed6c9789553a473239b91ae8b2dce3f4edf840d07847ba0694ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72572
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Sep 2023 01:40:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-51T5736H3D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PG3ZT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ecbb50e365ba5a5f2f4796b36600300938caa2780507cd96d52168a6d99b5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85473
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 01:40:36 GMT

GET
H2 200 1e6304ab.article.svg
widget.yhelper.net/iframe/src/assets/icons/chat/24// Frame 1D13 962 B
485 B 45ms
44ms Image
image/svg+xml 2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.yhelper.net/iframe/src/assets/icons/chat/24//1e6304ab.article.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895 , Virgin Islands (British), ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5269f7cc9511ad04db01645d3d0f546f67118c6ed4939d94b593fb887bd8913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.yhelper.net/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Monday, 18-Sep-2023 01:40:36 UTC
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache
cf-ray: 8085e1c1e8bb1e54-FRA

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D13 15 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.yhelper.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 366513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 19:52:03 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
87 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NP908F5V0N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-227397607-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b01a46d2e81c7ecf15ab30b45362745b3bdf2776b52e037142eed80adf8a608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 01:40:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1816890753&t=pageview&_s=1&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&ul=en-us&de=UTF-8&dt=Registrierung%20im%20ICE%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=627422400&gjid=1893649357&cid=1354343665.1695001236&tid=UA-227397607-1&_gid=2083838789.1695001236&_r=1&gtm=457e39d0&jsscut=1&z=1103541728

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://14icecazino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-227397607-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Sep 2023 23:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6975
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 18 Sep 2023 01:44:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LDPV49VMR4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-227397607-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7b0a9b7960398d7fe539b1e3e49422dcc141d9858dd3e1a09b39ccc215043f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 01:40:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
29ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1816890753&t=pageview&_s=1&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&ul=en-us&de=UTF-8&dt=Registrierung%20im%20ICE%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1051582993&gjid=1505201295&cid=1354343665.1695001236&tid=UA-227397607-2&_gid=2083838789.1695001236&_r=1&gtm=457e39d0&jsscut=1&z=1086721093

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://14icecazino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-51T5736H3D&gtm=45je39d0&_p=1816890753&cid=1354343665.1695001236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695001236&sct=1&seg=0&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&dt=Registrierung%20im%20ICE%20Casino&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-51T5736H3D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-313229125&gtm=45je39d0&_p=1816890753&cid=1354343665.1695001236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695001236&sct=1&seg=0&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&dt=Registrierung%20im%20ICE%20Casino&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-313229125&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NP908F5V0N&gtm=45je39d0&_p=1816890753&cid=1354343665.1695001236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1695001236&sct=1&seg=0&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&dt=Registrierung%20im%20ICE%20Casino&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NP908F5V0N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LDPV49VMR4&gtm=45je39d0&_p=1816890753&cid=1354343665.1695001236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&ngs=1&_s=1&sid=1695001236&sct=1&seg=0&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&dt=Registrierung%20im%20ICE%20Casino&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDPV49VMR4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-51T5736H3D&gtm=45je39d0&_p=1816890753&cid=1354343665.1695001236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1695001236&sct=1&seg=0&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&dt=Registrierung%20im%20ICE%20Casino&en=scroll&epn.percent_scrolled=90&_et=30
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-51T5736H3D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 28ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NP908F5V0N&gtm=45je39d0&_p=1816890753&cid=1354343665.1695001236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1695001236&sct=1&seg=0&dl=https%3A%2F%2F14icecazino.com%2Fde%2Fregister%3Fatp%3D27188%26goto%3Dsitereg%26clickid%3D147140906%26plid%3D11134%26bnid%3D26787%26po%3D%26lang%3Dde%26cc%3DDE%26ref%3Dmb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188%26uuid%3D9a7f20de02247b428f55c30352e2a7c82bdb023f&dr=https%3A%2F%2Fhenedescahekiat.com%2F&dt=Registrierung%20im%20ICE%20Casino&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NP908F5V0N&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14icecazino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 01:40:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://14icecazino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
2023newyearazody.ru.com/	1970-01-20 15:34:39	Name: _subid Value: 1he79qkvd8e1
2023newyearazody.ru.com/	1970-01-21 00:26:01	Name: 222db Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU5MlwiOjE2OTUwMDEyMzR9LFwiY2FtcGFpZ25zXCI6e1wiMTQwXCI6MTY5NTAwMTIzNH0sXCJ0aW1lXCI6MTY5NTAwMTIzNH0ifQ.88oV7RsMmGuwB50iDMV1zfLXlE764KQJVIhiF-A9SOc
2023newyearazody.ru.com/	1970-01-20 15:34:39	Name: _token Value: uuid_1he79qkvd8e1_1he79qkvd8e16507aa9269bbd9.63486803
l1l.pw/	1970-01-20 23:35:37	Name: vid Value: 47197818
l1l.pw/	1970-01-20 14:50:04	Name: 39a68d403b7af20237e7c7fd7803871a Value: 1
ehufgtds.com/	1970-01-21 00:26:01	Name: _HGAU Value: 41d64169-2c61-418c-ae71-df1ca8920f4e
ehufgtds.com/	1970-01-20 15:33:13	Name: vst_cnt_16479 Value: 1
.ehufgtds.com/	1970-01-20 14:50:03	Name: __cf_bm Value: xcxnsgBXQcMG5TGYe_OJ9HLjvRV2PePCnPjzlef8DLw-1695001234-0-AdWWuzWo70zZVHBJEK0oWsgzt32o+/axzob+64M6TFOcDRzYJ0jqtSarQq5yBCkZ2Lsr3WTvibyaWdRpSxEOG+U=
henedescahekiat.com/	1970-01-21 00:26:01	Name: promouuid Value: 9a7f20de02247b428f55c30352e2a7c82bdb023f
henedescahekiat.com/	1970-01-20 15:33:07	Name: b4ab172b71ccb0926b9c085515118233 Value: 1
.henedescahekiat.com/	1970-01-20 14:50:03	Name: __cf_bm Value: ZHnPPmlxOJUzeRM5j5BRqiPrB6qCFi5pVQolDxAzt6Y-1695001235-0-AVvBTh+8dv/iBWfaGuLI2KKCwojkH4ofbZeOKHM1wlMIdMD/rX30lxVLFvSyzxMJmyNogj6nnnhwI26RAmtxv7w=
henedescahekiat.com/	1969-12-31 23:59:59	Name: bl Value: 1
henedescahekiat.com/	1969-12-31 23:59:59	Name: bic Value: 1
henedescahekiat.com/	1969-12-31 23:59:59	Name: bct Value: 0
henedescahekiat.com/	1970-01-21 00:26:01	Name: fp Value: c653d86a842a299150bf41c699c0b1f3
14icecazino.com/	1970-01-20 15:33:13	Name: uuid Value: 1c2649d8-0a6c-4ad0-96ef-fdd12ab16b8e
14icecazino.com/	1970-01-20 15:33:13	Name: refCode Value: mb_BQB-KwAAo2gAALwbAAA.2023-09.18.27188
14icecazino.com/	1970-01-20 15:33:13	Name: clickId Value: 147140906
14icecazino.com/	1970-01-20 15:33:13	Name: postmanUuid Value: 9a7f20de02247b428f55c30352e2a7c82bdb023f
14icecazino.com/	1970-01-20 15:10:10	Name: first_entrypoint Value: L2RlL3JlZ2lzdGVyP2F0cD0yNzE4OCZnb3RvPXNpdGVyZWcmY2xpY2tpZD0xNDcxNDA5MDYmcGxpZD0xMTEzNCZibmlkPTI2Nzg3JnBvPSZsYW5nPWRlJmNjPURFJnJlZj1tYl9CUUItS3dBQW8yZ0FBTHdiQUFBLjIwMjMtMDkuMTguMjcxODgmdXVpZD05YTdmMjBkZTAyMjQ3YjQyOGY1NWMzMDM1MmUyYTdjODJiZGIwMjNm
14icecazino.com/	1970-01-20 15:33:13	Name: _regAccess Value: available
.14icecazino.com/	1970-01-20 14:50:03	Name: __cf_bm Value: lVdqJ40tbDtPs8e.Bsp0T2J9Z2Q1u24oDbailCYB0Fg-1695001235-0-ATwifl3zIkE88PuiaecpW/uJ2GytvLqx6fHTTGpw4ZImwAWI/BCaknw0TIOZTQS85VstbQrChINgQ+kK5P3iUFE=
.widget.yhelper.net/	1970-01-20 14:50:03	Name: __cf_bm Value: KQBwkc3i2c6zOzOIoXpmvQT_zEsLfaz_EDzhMoQMZA8-1695001235-0-AUg2Hw9w5isV2DpHTZ7W1npI6lOWmPLpLjlDP8L4OlHERU3/fA4U/aPewMgF/z/oXtt4mPQTZLD0gPkhiRhONoI=
.14icecazino.com/	1970-01-20 14:51:27	Name: _gid Value: GA1.2.2083838789.1695001236
.14icecazino.com/	1970-01-20 14:50:01	Name: _gat Value: 1
.14icecazino.com/	1970-01-21 00:26:01	Name: _ga_ZTGWQ6F978 Value: GS1.2.1695001236.1.0.1695001236.60.0.0
.chat.yhelper.net/	1970-01-20 14:50:03	Name: __cf_bm Value: YA1W7x.k5hpye1840JPDba1sJLZWVhkC6KzFCCkRt6Y-1695001236-0-AZ3YXFh+yvbgel41iRaFYspLy17Lkx+9KvNzPsEPHNVgzbPTpVxYQDON3DDnPMIoNlHqKbKpg7uzHULN/xC3h2E=
.14icecazino.com/	1970-01-20 14:50:01	Name: _gat_gtag_UA_227397607_1 Value: 1
.14icecazino.com/	1970-01-20 14:50:01	Name: _gat_gtag_UA_227397607_2 Value: 1
.14icecazino.com/	1970-01-21 00:26:01	Name: _ga Value: GA1.1.1354343665.1695001236
.14icecazino.com/	1970-01-21 00:26:01	Name: _ga_313229125 Value: GS1.1.1695001236.1.0.1695001236.0.0.0
.14icecazino.com/	1970-01-21 00:26:01	Name: _ga_51T5736H3D Value: GS1.1.1695001236.1.0.1695001236.0.0.0
.14icecazino.com/	1970-01-21 00:26:01	Name: _ga_NP908F5V0N Value: GS1.1.1695001236.1.0.1695001236.0.0.0
.14icecazino.com/	1970-01-21 00:26:01	Name: _ga_LDPV49VMR4 Value: GS1.1.1695001236.1.0.1695001236.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14icecazino.com
2023newyearazody.ru.com
b168a673-8a8b-43fc-91d4-73343f080ed1.snippet.antillephone.com
connect.facebook.net
ehufgtds.com
f984de66-04c8-4f62-bfa6-e7b20817c106.seals-emr.certria.com
fonts.googleapis.com
fonts.gstatic.com
henedescahekiat.com
l1l.pw
region1.analytics.google.com
region1.google-analytics.com
stat.14icecazino.com
stats.g.doubleclick.net
widget.yhelper.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:34::36
2600:9000:214f:b000:b:c730:d5c0:93a1
2600:9000:225e:e00:8:c78b:2540:93a1
2606:4700:3034::ac43:a178
2a00:1450:4001:801::2008
2a00:1450:4001:803::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a03:2880:f083:100:face:b00c:0:3
2a05:7880:759:637f:bbb8:95d7:26e2:40b2
2a06:98c1:3121::3
2a06:9ac0:6af:e3ca:cbce:939c:6d01:7895
2a06:9ac0:6d:6369:aaa2:7aee:3da2:38f2
2a07:180:501:b0a0:5cac:b3ed:54f5:6dc4
0405fc1f27636448050c4f267b89d9d75250af8f5eb0d0720bfafc5b64090a85
0635619a5d3a6db04d5a2dd2d819272495002d5a1048b692e89c498d370d2bb9
08dd5a669ddce08beff7fcd7ca5bd30984f8862ac2c2811e70b1b60209a35399
0b01a46d2e81c7ecf15ab30b45362745b3bdf2776b52e037142eed80adf8a608
0e9ef5355342a77d2e11dfc11fc0afccecf65c084241b030a19a629dbfa5a1ce
10ec11e17ffb8d7f3686b26f9b66cc83ebd3b66998e9b806e2c96a77a0231f90
13bbffdd54e0b21a5c2e13ae217147025501ec1bf9dc834eb9294ce1c170daa3
17f9bf88a9c9193b4f9affae05d1e201864a2b1ba7b594ece9a4fc9f3cd8955a
1a8e581e0c5c67721233cc8dc8daf50381f50db44717db28086a5498c253379c
1ecbb50e365ba5a5f2f4796b36600300938caa2780507cd96d52168a6d99b5be
2060d9547cc33b3e2472509ee766d1e09b0289d77c264b924f5b7f744a962f8a
270b19996d064c86d88d333c1d8bdfe91537798f3b7d42d950d3d5fabdf10300
30d3683d95a29d788e711e51c505dfa9cf92dd9911611aa4e726cd0490d74ea0
3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150
3b802a80f645e7377c5c9dacbc55891bccfc637f3e12cfd64283b1b52480acde
3e5280f3788dd7734446485ed51dde98d3c0b0f762f2ba7898a393daec9995c2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
423687ebf828fa62a47c094a3e9be985850e16a461c95c52fe8ad163807e275e
4d2f192eb698e6c1110e2fe71fba82baa92d44a3324c4f2ecf97fdc92c98c7ea
52977ced9048bc77bdef4418c90dd8a8583d620a305c39696b9f814819da45a1
5b048592169543fe802780fde1fd467f163b71b113ec5f5c0100c77226dbf61f
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
6b6f0b1327160a4bb6df1abc7081ea364ba445a3d0f6ab49f2da14be639ecddc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de13b14fc576513695b1f0a0b5529f81992003091cd917ca2c21c0a4238eec2
6f73e4bf9bd6b683e8bd11302d6edc676f1e559b051991f8bbe0ede7d82c0f61
70f61fc75704bbe219317ebe36e8dc5f1c66bebe36b1debd903ae62a5913f35c
72bd990665a3e23e453cbc32142e0adc634dcf9ce65098207d7697807daa6730
72edaeab99797d7fe150f61cf9d30b14ecef5b487639b38f1da3cc4725cbe691
7b4cddd57270b15edb1db18beaeadb3f629729ce376f5cb2c43fe77acde584a1
7dcfc48e155f7328d455d9e99fcdbddd947ee3208718021f3cadd741c1a0268a
819fa453cc85eb531b3b618ab19e66a356d6f08ac68f13012c4440916d7eba4e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ff5754c1d5dc9e1ddab85f007552809f56030250a6054f38b8200757e135e2
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
898b71787602b400df4fec6177db2a8fb0c4393195a7f3685e5b3ad634c971ae
8af00fae3b3aed6c9789553a473239b91ae8b2dce3f4edf840d07847ba0694ff
933089cbc6fe9ccacbea059b45c092de782de7b33c8b6de743892b2f38a9ec37
9469f92a989313a425d2565aaf7bc7ec906ee682e973e2ee8d0148c5a21a1b8b
9c94651df1bb422f664b6d0d6b766692d42c64a69ff8ffc05e799508a6cc0b90
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2f85d9d8a76b3c6b693ef3c66e1fa3fcdea9e1198937dd59c3a8ea76b28f46a
b48a53089c76a3425894af1ae567f5f31d7031fd4a2758fb1dfea8d6e00b4b48
b6fc55e02f4eae35fd40a5f0ef1da9d258b91ada0d958029ebedfeda1908d7fb
b723ed8f1f8214896f7c4213859addf841c6f926874cb29c31dee6a8e8f9c47a
b7b0a9b7960398d7fe539b1e3e49422dcc141d9858dd3e1a09b39ccc215043f9
bb630c1508d89d1dc288ef6dbcff8c766ebee31bc252e8bb9e4e971b0a7faa3b
c5269f7cc9511ad04db01645d3d0f546f67118c6ed4939d94b593fb887bd8913
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cea644050f1a2978a6f5c44148a956d568303b6dd8f89fb71b1535e9163a0a02
d02e095963d047fba79f2c5bbe6c7b882490dbef4d505cd926664a1c2dbf2f08
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e22d029733257e44801d6f8caa04376c133389cb4add1eafb78f13fe220fccc8
e23780ce55dd93f3e1f6a2814acf5a9dedce77a9e93966b7d7fd40dde111cca8
e31f8e72213757385a19d7209cacd13de382b710e5d53f061323f57a0318c567
e37be72721fe28d17052e8acaf950acfd50b8749b0e212001c0d585de30be04f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51f862b0c36e757c81f3d0ebdb719962835fa3c4593ec9d979fbaffdf7c4939
e9141600ee7f2d21182cc1656b94d567d01f2f5e9a0c8d679ed15967c4ed6309
ed00ea9fb3a270bb82513b3d87ec28ab6f0e9615e1d04b5f28492c27c71c1e0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd33d3afc3307ee13547105529db5496080e1f2ad0480a8f748079b4673a6cd
f0bc6d3e7c7d77f1859f702915b0e92946af511d244e6e93a69bacad066299c3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

14icecazino.com Open in urlscan Pro 2a05:7880:759:637f:bbb8:95d7:26e2:40b2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

100 %IPv6

16 Domains

20 Subdomains

14 IPs

6 Countries

3242 kBTransfer

8314 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

14icecazino.com Open in urlscan Pro
2a05:7880:759:637f:bbb8:95d7:26e2:40b2 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

100 %
IPv6

16
Domains

20
Subdomains

14
IPs

6
Countries

3242 kB
Transfer

8314 kB
Size

34
Cookies

79 HTTP transactions
0 data transactions