kalmarcasino.com Open in urlscan Pro
2a02:250:0:8::51 Public Scan

URL:
http://kalmarcasino.com/
Submission: On December 04 via api (December 4th 2018, 9:31:23 pm UTC) from DE

Summary HTTP 29 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 13 domains to perform 29 HTTP transactions. The main IP is 2a02:250:0:8::51, located in Sweden and belongs to LOOPIA, SE. The main domain is kalmarcasino.com.

This is the only time kalmarcasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2a02:250:0:8::51 2a02:250:0:8::51	39570 (LOOPIA) (LOOPIA)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.171.134.250 54.171.134.250	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	34.254.77.86 34.254.77.86	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	79.136.114.72 79.136.114.72	8473 (BAHNHOF h...) (BAHNHOF http://www.bahnhof.net/)
2	143.204.98.193 143.204.98.193	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	23.111.8.148 23.111.8.148	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	108.161.187.9 108.161.187.9	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
29	9

10 2a02:250:0:8::51 (Sweden)

ASN39570 (LOOPIA, SE)

kalmarcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.134.250 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-134-250.eu-west-1.compute.amazonaws.com

ads.cherrycasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.eurolotto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.254.77.86 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-254-77-86.eu-west-1.compute.amazonaws.com

media.comeon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.mobilebet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.casinostugan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.mobilautomaten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.sveacasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.136.114.72 (Uppsala, Sweden)

ASN8473 (BAHNHOF http://www.bahnhof.net/, SE)
PTR: n3.susnet.se

susnet.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.193 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-193.fra50.r.cloudfront.net

d1sqbym1jmnqus.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.8.148 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

embed.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.187.9 (Los Angeles, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cherryaffiliates.host.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	kalmarcasino.com kalmarcasino.com	239 KB
5	bannerflow.com embed.bannerflow.com cherryaffiliates.host.bannerflow.com
2	cloudfront.net d1sqbym1jmnqus.cloudfront.net	62 KB
2	susnet.nu susnet.nu	3 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	sveacasino.com ads.sveacasino.com	483 B
1	eurolotto.com ads.eurolotto.com	422 B
1	mobilautomaten.com media.mobilautomaten.com	421 B
1	casinostugan.com media.casinostugan.com	419 B
1	mobilebet.com media.mobilebet.com	417 B
1	comeon.com media.comeon.com	414 B
1	cherrycasino.com ads.cherrycasino.com	499 B
1	googletagmanager.com www.googletagmanager.com	32 KB
29	13

	Domain	Requested by
10	kalmarcasino.com	kalmarcasino.com
4	embed.bannerflow.com	media.comeon.com media.mobilebet.com media.casinostugan.com media.mobilautomaten.com
2	d1sqbym1jmnqus.cloudfront.net	kalmarcasino.com
2	susnet.nu	kalmarcasino.com susnet.nu
2	www.google-analytics.com	www.googletagmanager.com kalmarcasino.com
1	cherryaffiliates.host.bannerflow.com	ads.eurolotto.com
1	ads.sveacasino.com	kalmarcasino.com
1	ads.eurolotto.com	kalmarcasino.com
1	media.mobilautomaten.com	kalmarcasino.com
1	media.casinostugan.com	kalmarcasino.com
1	media.mobilebet.com	kalmarcasino.com
1	media.comeon.com	kalmarcasino.com
1	ads.cherrycasino.com	kalmarcasino.com
1	www.googletagmanager.com	kalmarcasino.com
29	14

This site contains links to these domains. Also see Links.

Domain
www.stodlinjen.se
ads.cherrycasino.com
ads.sveacasino.com

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G3	`2018-11-07` - `2019-01-30`	3 months	crt.sh
*.cherrycasino.com DigiCert SHA2 High Assurance Server CA	`2018-10-10` - `2020-11-25`	2 years	crt.sh
media.comeon.com GeoTrust RSA CA 2018	`2018-09-28` - `2020-09-07`	2 years	crt.sh
*.eurolotto.com DigiCert SHA2 High Assurance Server CA	`2017-07-03` - `2019-07-12`	2 years	crt.sh
*.sveacasino.com DigiCert SHA2 High Assurance Server CA	`2018-02-06` - `2019-04-10`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-11-07` - `2019-01-30`	3 months	crt.sh
susnet.nu Go Daddy Secure Certificate Authority - G2	`2017-09-23` - `2019-11-20`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://kalmarcasino.com/
Frame ID: F1209DBE169ADBAD06D36682B1662017
Requests: 24 HTTP requests in this frame

Frame: http://embed.bannerflow.com/iframe?placement=5bdc6813ec3d36403413f1e4&targetwindow=_blank&targeturl=https%3A%2F%2Fmedia.comeon.com%2Ftracking.php%3Ftracking_code%26aid%3D102120%26mid%3D2365%26sid%3D336739%26pid%3D400%26tid%3D10000908924335
Frame ID: 3291C9800AC324FF681AFE732CD591C2
Requests: 1 HTTP requests in this frame

Frame: http://embed.bannerflow.com/iframe?placement=5ba38895f4ea273ba4bf13e7&targetwindow=_blank&targeturl=https%3A%2F%2Fmedia.mobilebet.com%2Ftracking.php%3Ftracking_code%26aid%3D102120%26mid%3D2278%26sid%3D336739%26pid%3D402%26tid%3D10000908924336
Frame ID: ED8AE105627EBA22183162D1E1E16840
Requests: 1 HTTP requests in this frame

Frame: http://embed.bannerflow.com/iframe?placement=5b7d81e86817397f5c989e37&targetwindow=_blank&targeturl=https%3A%2F%2Fmedia.casinostugan.com%2Ftracking.php%3Ftracking_code%26aid%3D102120%26mid%3D2201%26sid%3D336739%26pid%3D409%26tid%3D10000908924337
Frame ID: AAB9F7FDC72A6DD2C7539E946D057FEC
Requests: 1 HTTP requests in this frame

Frame: http://embed.bannerflow.com/iframe?placement=5b7d7c476817397f5c989c16&targetwindow=_blank&targeturl=https%3A%2F%2Fmedia.mobilautomaten.com%2Ftracking.php%3Ftracking_code%26aid%3D102120%26mid%3D2183%26sid%3D336739%26pid%3D412%26tid%3D10000908924338
Frame ID: 21984ECBA15CDD644562C90392ABA4D1
Requests: 1 HTTP requests in this frame

Frame: http://cherryaffiliates.host.bannerflow.com/iframe.html?filename=ad_1097596_191.html&size=468x60&clicktag=https%3A%2F%2Fads.eurolotto.com%2Ftracking.php%3Ftracking_code%26aid%3D102120%26mid%3D1447%26sid%3D336739%26pid%3D91%26tid%3D10000908924340
Frame ID: EBCC78597EEC3F85B377FC2ABF5ED6AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Page Statistics

29
Requests

48 %
HTTPS

33 %
IPv6

13
Domains

14
Subdomains

9
IPs

3
Countries

355 kB
Transfer

456 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.stodlinjen.se/
Title: www.stodlinjen.se

Search URL Search Domain Scan URL

URL: https://ads.cherrycasino.com/tracking.php?tracking_code&aid=102120&mid=1022&sid=336739&pid=34&target=_blank&tid=10000908924334

Search URL Search Domain Scan URL

URL: https://ads.sveacasino.com/tracking.php?tracking_code&aid=102120&mid=1121&sid=336739&pid=200&target=_blank&tid=10000908924339

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
kalmarcasino.com/ 6 KB
3 KB 91ms
58ms Document
text/html 2a02:250:0:8::51
LOOPIA

General

Domain/Path	Expires	Name / Value
.kalmarcasino.com/	1970-01-18 20:52:39	Name: _gat_gtag_UA_120065386_29 Value: 1
.kalmarcasino.com/	1970-01-18 20:54:05	Name: _gid Value: GA1.2.1388751888.1543959066
.kalmarcasino.com/	1970-01-19 14:23:51	Name: _ga Value: GA1.2.261449890.1543959066

kalmarcasino.com Open in urlscan Pro 2a02:250:0:8::51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

48 %HTTPS

33 %IPv6

13 Domains

14 Subdomains

9 IPs

3 Countries

355 kBTransfer

456 kBSize

3 Cookies

3 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

kalmarcasino.com Open in urlscan Pro
2a02:250:0:8::51 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

48 %
HTTPS

33 %
IPv6

13
Domains

14
Subdomains

9
IPs

3
Countries

355 kB
Transfer

456 kB
Size

3
Cookies

29 HTTP transactions
0 data transactions