URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Submission: On August 12 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 15 domains to perform 24 HTTP transactions. The main IP is 192.52.242.121, located in Miami, United States and belongs to DC74-AS, US. The main domain is zxs-jogosdecassino.somee.com.
This is the only time zxs-jogosdecassino.somee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain Subdomains Transfer
5 googletagmanager.com www.googletagmanager.com (Cisco Umbrella Rank: 65) 355 KB
3 slotcatalog.com slotcatalog.com 1 MB
3 somee.com zxs-jogosdecassino.somee.com 154 KB
2 addthis.com s7.addthis.com (Cisco Umbrella Rank: 2798) 628 B
2 googlesyndication.com pagead2.googlesyndication.com (Cisco Umbrella Rank: 130) 176 KB
1 doubleclick.net googleads.g.doubleclick.net (Cisco Umbrella Rank: 55) 5 KB
1 googleapis.com ajax.googleapis.com (Cisco Umbrella Rank: 392) 33 KB
1 casino.guru static.casino.guru 169 KB
1 online-casino.at www.online-casino.at 78 KB
1 slotmachinesltd.com slotmachinesltd.com 190 KB
1 casinorobots.com casinorobots.com 100 KB
1 blogspot.com 3.bp.blogspot.com (Cisco Umbrella Rank: 13456) 110 KB
1 soft112.com cdn.soft112.com 29 KB
1 ytimg.com i.ytimg.com (Cisco Umbrella Rank: 120) 193 KB
0 Failed
24 15
Domain Requested by
5 www.googletagmanager.com zxs-jogosdecassino.somee.com
3 slotcatalog.com zxs-jogosdecassino.somee.com
3 zxs-jogosdecassino.somee.com zxs-jogosdecassino.somee.com
2 s7.addthis.com 1 redirects zxs-jogosdecassino.somee.com
2 pagead2.googlesyndication.com zxs-jogosdecassino.somee.com, pagead2.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 ajax.googleapis.com zxs-jogosdecassino.somee.com
1 static.casino.guru zxs-jogosdecassino.somee.com
1 www.online-casino.at zxs-jogosdecassino.somee.com
1 slotmachinesltd.com zxs-jogosdecassino.somee.com
1 casinorobots.com zxs-jogosdecassino.somee.com
1 3.bp.blogspot.com zxs-jogosdecassino.somee.com
1 cdn.soft112.com zxs-jogosdecassino.somee.com
1 i.ytimg.com zxs-jogosdecassino.somee.com
0 91.215.152.128 Failed zxs-jogosdecassino.somee.com
24 15

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net GTS CA 1C3 2023-07-17 - 2023-10-09 3 months crt.sh
edgestatic.com GTS CA 1C3 2023-07-17 - 2023-10-09 3 months crt.sh
cdn.soft112.com R3 2023-07-28 - 2023-10-26 3 months crt.sh
misc-sni.blogspot.com GTS CA 1C3 2023-07-17 - 2023-10-09 3 months crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2023-05-06 - 2024-05-04 a year crt.sh
*.slotmachinesltd.com R3 2023-08-09 - 2023-11-07 3 months crt.sh
online-casino.at R3 2023-07-16 - 2023-10-14 3 months crt.sh
casino.guru Amazon RSA 2048 M01 2023-03-01 - 2023-12-13 9 months crt.sh
upload.video.google.com GTS CA 1C3 2023-07-17 - 2023-10-09 3 months crt.sh
*.google-analytics.com GTS CA 1C3 2023-07-17 - 2023-10-09 3 months crt.sh

This page contains 2 frames:

Primary Page: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Frame ID: AF4A1F3ED821C3FFE90753BAA53E9C04
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 6FC6C61DB190B17C5658DD2FBE36A6D1
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24 Requests
79 % HTTPS
71 % IPv6
15 Domains
15 Subdomains
15 IPs
2 Countries
3000 kB Transfer
4056 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request page-942-2024-03-25.html
zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/
33 KB
33 KB
Document
General
Full URL
http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
HTTP/1.1
Server
192.52.242.121 Miami, United States, ASN17216 (DC74-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1f4e40712689edf9cda103445278d2fa2718cd592fc2747f7056145689388a62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
33558
Content-Type
text/html
Date
Sat, 12 Aug 2023 11:45:31 GMT
ETag
"486d709af7b4d91:0"
Last-Modified
Wed, 12 Jul 2023 19:32:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
bootstrap.min.css
zxs-jogosdecassino.somee.com/css/
119 KB
120 KB
Stylesheet
General
Full URL
http://zxs-jogosdecassino.somee.com/css/bootstrap.min.css
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
HTTP/1.1
Server
192.52.242.121 Miami, United States, ASN17216 (DC74-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sat, 12 Aug 2023 11:45:31 GMT
Last-Modified
Wed, 12 Jul 2023 19:32:45 GMT
Server
Microsoft-IIS/10.0
ETag
"a6600a2f7b4d91:0"
X-Powered-By
ASP.NET
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
122184
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32835aea78f32773bbb9926916c7644f308d4a39c02855ff8e81477ef7feb74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zxs-jogosdecassino.somee.com/
Origin
http://zxs-jogosdecassino.somee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50838
x-xss-protection
0
server
cafe
etag
11402909323288365997
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Aug 2023 11:45:31 GMT
qwertymin.js
zxs-jogosdecassino.somee.com/css/
1 KB
2 KB
Script
General
Full URL
http://zxs-jogosdecassino.somee.com/css/qwertymin.js
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
HTTP/1.1
Server
192.52.242.121 Miami, United States, ASN17216 (DC74-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sat, 12 Aug 2023 11:45:31 GMT
Last-Modified
Wed, 12 Jul 2023 19:32:42 GMT
Server
Microsoft-IIS/10.0
ETag
"91142da0f7b4d91:0"
X-Powered-By
ASP.NET
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1365
maxresdefault.jpg
i.ytimg.com/vi/oGN7P6xzHPI/
193 KB
193 KB
Image
General
Full URL
https://i.ytimg.com/vi/oGN7P6xzHPI/maxresdefault.jpg
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c7da47ca0be7cacaedb9381c7f8f29f1b6f67206ce0c9aa32b1da24fb3e4c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:31 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197438
x-xss-protection
0
server
sffe
etag
"1595344592"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 13:45:31 GMT
pad_screenshot_240x180.jpg
cdn.soft112.com/free-slots-amazon-princess/00/00/0G/XX/00000GXXJI/
28 KB
29 KB
Image
General
Full URL
https://cdn.soft112.com/free-slots-amazon-princess/00/00/0G/XX/00000GXXJI/pad_screenshot_240x180.jpg
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
2932ab2432a9c4f19fffb5a1b0ae89584084f67f1bd71819df510096b923ef8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:31 GMT
cdn-edgestorageid
1082
cdn-cachedat
08/12/2023 11:45:31
cdn-pullzone
1098679
content-length
28571
last-modified
Mon, 19 Feb 2018 10:56:17 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"6f9b-5658e8b22b278"
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
6d48dcde-e5d5-4e6b-ba9e-2ed8fcfaf113
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
23de69b29dbfb3cd62d7716da5741e82
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
koi-princess-slot-paytable.png
3.bp.blogspot.com/-AfpNx_9h9KQ/WrysG7cfrGI/AAAAAAAAApQ/jT3Q4ID-Nt0LNMYHWYsywrtQJoB8H5eFQCLcBGAs/s400/
110 KB
110 KB
Image
General
Full URL
https://3.bp.blogspot.com/-AfpNx_9h9KQ/WrysG7cfrGI/AAAAAAAAApQ/jT3Q4ID-Nt0LNMYHWYsywrtQJoB8H5eFQCLcBGAs/s400/koi-princess-slot-paytable.png
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d31222c54333711609d411ac960ffec81a286008e95bd163c677227db22a0816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:32 GMT
x-content-type-options
nosniff
server
fife
etag
"v295"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="koi-princess-slot-paytable.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112514
x-xss-protection
0
expires
Sun, 13 Aug 2023 11:45:32 GMT
amazon-queen-300x210.png
casinorobots.com/wp-content/uploads/
99 KB
100 KB
Image
General
Full URL
https://casinorobots.com/wp-content/uploads/amazon-queen-300x210.png
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cbdd4d025a4531082dccd37e24d586c42a8d6ed2320fba6340649d932c901ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
wpx
1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-edge-location
WPX CLOUD/FF
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
101289
x-xss-protection
1; mode=block
last-modified
Fri, 14 Jul 2023 08:23:12 GMT
server
cloudflare
etag
"18ba9-64b105f0-f8897e9ace3a9610;;;"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FGJE6Sj9jp2SyXL86NHtzD5koE0z7wr2SosAMerIFQ7bkhfTp8XazHpZDCCKvM5gQEvGdIj7%2Fu5rtlMvqKhvhwby8ZG6rtcdnKPSEsefLsfPgcVb8%2FUWm1vYXFaWo0S%2FZW%2FWL0J%2BwCslwcvKmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7f587901e9631e45-FRA
expires
Sun, 11 Aug 2024 17:45:32 GMT
Amazon-Queen-3.jpg
slotcatalog.com/userfiles/image/games/WMS/2032/
486 KB
488 KB
Image
General
Full URL
https://slotcatalog.com/userfiles/image/games/WMS/2032/Amazon-Queen-3.jpg
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23fa50f5442cd5ecc6550da3786c44ec2e403e7fb93951f73541eb265592e3a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx000000000000076c3ac9b-0064d770dd-adcbe5b3-fra1b
x-envoy-upstream-healthchecked-cluster
x-amz-storage-class
STANDARD
content-length
498031
last-modified
Fri, 29 Jan 2021 22:02:04 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:0c6711d2b7cc13b69162c63413e70694
etag
"0c6711d2b7cc13b69162c63413e70694"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWaZ0RweowITue%2FM%2FFwCd%2FDP8crHVrmSYUmjHBeb2GaDUc2c1UIJwfDak2JhJlXMqUamAS%2BY2Vq3ZYQSNPwKkWcAV3msDA0B9YWXa9SsdpAIHLtDI1AAoaXPQ52XFtxQfAGUGw5%2FSTqTnKJ5Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f5879075cf61e6e-FRA
2023-2.jpg
slotmachinesltd.com/wp-content/uploads/2016/07/
190 KB
190 KB
Image
General
Full URL
https://slotmachinesltd.com/wp-content/uploads/2016/07/2023-2.jpg
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.149.36.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.36.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5d9da005e73684558171efc2fe92caf558544deec792c0c26e7f230256644308

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Sat, 12 Aug 2023 11:45:34 GMT
expires
Sun, 11 Aug 2024 11:45:34 GMT
last-modified
Fri, 23 Mar 2018 15:42:04 GMT
server
nginx
etag
"5ab5204c-2f613"
x-proxy-cache-info
0 NC:000000 UP:
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
194067
x-cdn-c
static
x-sg-cdn
1
Dragon-of-the-Princess-2.jpg
slotcatalog.com/userfiles/image/games/Gamomat/11042/
683 KB
685 KB
Image
General
Full URL
https://slotcatalog.com/userfiles/image/games/Gamomat/11042/Dragon-of-the-Princess-2.jpg
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e87197738ef0900e5bd43dbade9e724cb438c74c7df39d47d9ff9d63791b69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000000000007f50e6de-0064d770de-ad936504-fra1b
x-envoy-upstream-healthchecked-cluster
x-amz-storage-class
STANDARD
content-length
699811
last-modified
Fri, 05 Mar 2021 09:28:11 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:c81f8aad0440f4b010bc904ce7f39ed0
etag
"c81f8aad0440f4b010bc904ce7f39ed0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rij66JfqBN1ZyKWzJ9U7DLtMskpCZVLn3QIDzl8SPanNIYWsXWUW64QcAcqHCzFHb7DeFij3E08P%2Ba81%2BWhko0u92OMdMphkOH%2FxYRnGem61PeSh%2Fr5AbywQyU%2FahFpzOHAYMHPnC9Rz8QdE4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f58790f89781e6e-FRA
princess-of-the-amazon-vorschau.jpg
www.online-casino.at/images/
77 KB
78 KB
Image
General
Full URL
https://www.online-casino.at/images/princess-of-the-amazon-vorschau.jpg
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.199.138.104 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv10125.epyc.fastwebserver.de
Software
Apache/2.4.38 (Debian) /
Resource Hash
ad23e150f970f6e998a1d7a22ac3d1ce9696bf81506d78e5a4485409636552fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Sep 2016 16:38:21 GMT
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
78772
expires
Sun, 11 Aug 2024 11:45:35 GMT
Queen-Of-The-Nile-1.jpg
slotcatalog.com/userfiles/image/games/Aristocrat/2848/
236 KB
236 KB
Image
General
Full URL
https://slotcatalog.com/userfiles/image/games/Aristocrat/2848/Queen-Of-The-Nile-1.jpg
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142fc70371f6dcc31e42c9dd4440a1fcedf49bde2d240c4852f7d0f27751db13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000000000006da57e94-0064d23d0f-ad9364d7-fra1b
cf-polished
origSize=293019, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
x-amz-storage-class
STANDARD
content-length
241152
cf-bgj
imgq:100,h2pri
last-modified
Thu, 04 Mar 2021 15:42:11 GMT
x-amz-meta-s3cmd-attrs
md5:7ecc185af297199b4dd9db416987ee3e
server
cloudflare
etag
"7ecc185af297199b4dd9db416987ee3e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpLMVD91CO2VWsMJLlgMg9aIbseg1LoI1arTsEUwBXk0N4ADM3U2cyLvvJWMHZNI%2BqjQ3lKM6D9Ta8FVvEm%2FGA4UmGnmA7qCpOCaNz0ZuE7jXojNjLLzQec3w7RqoixcNSFty9wHsjVhS3R%2Few%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f587912de6c1e6e-FRA
Moon-Princess-Free-Slots.jpg
static.casino.guru/pict/22134/
168 KB
169 KB
Image
General
Full URL
https://static.casino.guru/pict/22134/Moon-Princess-Free-Slots.jpg?timestamp=1597795200000&width=838&imageDataId=23092
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:a000:0:4009:5180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
7529ce9679ae9db70331b61a0965a1104b0ae3d27c4f72caab109a3b148b11f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 16:51:43 GMT
strict-transport-security
max-age=31536000;includeSubDomains
via
1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
server
nginx/1.22.1
x-amz-cf-pop
MUC50-P3
age
2487232
etag
W/"0c9a930358feaf56bd30b179a6099b2d9"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/jpeg;charset=UTF-8
cache-control
public, max-age=31556926
x-amz-cf-id
tQpcs1PL038a_WCutC1dUl_r1tAkUQILsO7pgxUWf0xqpOGvcJ2hsw==
service-worker-allowed
/news
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 12:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 12:29:08 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
56 B
361 B
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 12 Aug 2023 11:45:31 GMT
server
Oracle API Gateway
opc-request-id
/E53BB8D3D5968C11D6FB88CE0891886F/781C9D49680D27BE92C1FC1108DAEC97
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block

Redirect headers

Date
Sat, 12 Aug 2023 11:45:31 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
js
www.googletagmanager.com/gtag/
270 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03944083f1d0868a7deb746adf69b77a0854c2660c01bc7a99714ddd0b6cb398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90958
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 12 Aug 2023 11:45:35 GMT
js
www.googletagmanager.com/gtag/
250 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68eda8d4ad01f451bee0f96612160c6271a63b2c15470ec961dd3fb2b0e1676c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86422
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 12 Aug 2023 11:45:35 GMT
js
www.googletagmanager.com/gtag/
164 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96521599-1
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af04dc2d5c94893a61ac09205cd4589e2b683b54d691b25dc0894a546d4e8a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61653
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Aug 2023 11:45:35 GMT
js
www.googletagmanager.com/gtag/
164 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199856617-1
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e684ffbf6d00d97a952cf0ffea3b18593d2db1c6f7ba81cdafe683018fc8906a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61676
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Aug 2023 11:45:35 GMT
js
www.googletagmanager.com/gtag/
164 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162690612-1
Requested by
Host: zxs-jogosdecassino.somee.com
URL: http://zxs-jogosdecassino.somee.com/caca-niqueis-mais-populares/page-942-2024-03-25.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d13ed72e2029b1e2fd51f77a12176f0c07513d81f1b3c8a2ea5ad8cf194204b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61739
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Aug 2023 11:45:35 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/
372 KB
125 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=zxs-jogosdecassino.somee.com&bust=31076948
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d7df824c89975cab3607996eda5c5021aa8f94d9dab6c0823e34fc4afb8165d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://zxs-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128451
x-xss-protection
0
server
cafe
etag
5571818505332196787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 12 Aug 2023 11:45:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 6FC6
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zxs-jogosdecassino.somee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 10:13:03 GMT
etag
12368291122986407432
expires
Sat, 26 Aug 2023 10:13:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bronline
91.215.152.128/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
91.215.152.128
URL
http://91.215.152.128/bronline?default_keyword=Video+slot+Princess+of+the+Amazon

Verdicts & Comments

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
object| adsbygoogle
object| google_sa_queue
function| google_process_slots
number| google_rum_task_id_counter
string| keyword
object| _0xdfb0
function| google_sa_impl

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Video+slot+Princess+of+the+Amazon, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Video+slot+Princess+of+the+Amazon, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
