URL: https://everyonedeservesashot.com/
Submission: On November 02 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 104.21.6.94, located in and belongs to CLOUDFLARENET, US. The main domain is everyonedeservesashot.com.
TLS certificate: Issued by GTS CA 1P5 on November 1st 2023. Valid for: 3 months.
This is the only time everyonedeservesashot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.21.6.94 13335 (CLOUDFLAR...)
4 172.217.13.97 15169 (GOOGLE)
5 104.243.38.202 23470 (RELIABLESITE)
1 142.250.64.106 15169 (GOOGLE)
1 172.217.13.99 15169 (GOOGLE)
4 68.183.187.4 14061 (DIGITALOC...)
1 172.217.13.104 15169 (GOOGLE)
5 5 139.59.102.122 14061 (DIGITALOC...)
2 143.198.201.173 14061 (DIGITALOC...)
1 143.198.198.194 14061 (DIGITALOC...)
2 165.232.165.130 14061 (DIGITALOC...)
22 10
Apex Domain | Subdomains | Transfer
5 ibb.co | i.ibb.co — Cisco Umbrella Rank: 11551 | 73 KB
4 ampproject.org | cdn.ampproject.org — Cisco Umbrella Rank: 406 | 89 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 89 KB
1 gstatic.com | fonts.gstatic.com | 14 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 810 B
1 everyonedeservesashot.com | everyonedeservesashot.com | 4 KB
22 6
Domain Requested by
5 i.ibb.co everyonedeservesashot.com
4 cdn.ampproject.org everyonedeservesashot.com, cdn.ampproject.org
1 www.googletagmanager.com 68.183.187.4
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com everyonedeservesashot.com
1 everyonedeservesashot.com
22 6

This site contains links to these domains.

Domain
rebrand.ly
direct.lc.chat

Subject | Issuer | Validity | Valid
everyonedeservesashot.com | GTS CA 1P5 | 2023-11-01 - 2024-01-30 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
ibb.co | R3 | 2023-10-09 - 2024-01-07 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
68.183.187.4 | ZeroSSL RSA Domain Secure Site CA | 2023-09-10 - 2024-09-09 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months

This page contains 2 frames:

Primary Page: https://everyonedeservesashot.com/
Frame ID: 03E21CBD306546A531BC8411E66AA314
Requests: 13 HTTP requests in this frame

Frame: https://68.183.187.4/pengeluaran-togel/toto-macau.php
Frame ID: 308BABCB4BB621B62CF1F76A28C4F5AF
Requests: 9 HTTP requests in this frame

Page Title

DATA MACAU | TOTO MACAU 4D | PENGELUARAN MACAU HARI INI | KELUARAN TOGEL MACAU

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

22
Requests

77 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

10
IPs

3
Countries

1684 kB
Transfer

2113 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://139.59.102.122/alitoto/728x90.php HTTP 302
  • https://143.198.201.173/alitoto/728x90.gif
Request Chain 17
  • https://139.59.102.122/ktvtogel/728x90.php HTTP 302
  • https://143.198.198.194/ktvtogel/728x90.gif
Request Chain 18
  • https://139.59.102.122/crown/728x90.php HTTP 302
  • https://165.232.165.130/crowntogel/728x90.gif
Request Chain 19
  • https://139.59.102.122/bingotogel/728x90.php HTTP 302
  • https://165.232.165.130/bingotogel/728x90.gif
Request Chain 20
  • https://139.59.102.122/platinumslot/728x90.php HTTP 302
  • https://143.198.201.173/platinumslot/728x90.gif

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
everyonedeservesashot.com/
15 KB
4 KB
Document
General
Full URL
https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e1ff45ea87669d3c8ca2de9f3802f0c16399a6e75422c59ba1ab9d2c0e7bb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81fee705e8434207-EWR
content-encoding
br
content-type
text/html
date
Thu, 02 Nov 2023 19:49:44 GMT
last-modified
Thu, 02 Nov 2023 11:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvdO4fdEOxF%2FiMONr4JNYELaWVmjsxCKrRXFuQ%2Ft70UIWA08Ou3Tm3UgckpdSMps%2BTkw4UVEhJMEGKtAjS%2F5LTvNkwMJvHPig%2B2Zrc0IbqsybKWhVODbHEM12urAALm%2FuL8jlJw6KAsbMQ3Y"}],"group":"cf-nel","max_age":604800}
server
cloudflare
v0.js
cdn.ampproject.org/
278 KB
73 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 02 Nov 2023 19:49:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73131
x-xss-protection
0
server
sffe
etag
"8cd1ce497f4c5169"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 19:49:44 GMT
Arowwai-Industries.jpg
i.ibb.co/bKdHmkt/
57 KB
57 KB
Image
General
Full URL
https://i.ibb.co/bKdHmkt/Arowwai-Industries.jpg
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.202 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
0b1735389f9bbee72ea01caa54287af6f2e8d068bc3aeff0e55c726731bc078d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:44 GMT
last-modified
Wed, 01 Nov 2023 20:59:05 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
58243
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
799 B
810 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bebas+Neue&display=swap
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
ESF /
Resource Hash
b9e9b0b21519e845db81ffccac314d0cbd5837b678ab15a63bc9ee470fa365c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Nov 2023 19:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 18:37:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Nov 2023 19:49:44 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/
25 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
b850097bb59808a7100e3ef2e1761dedba12d6659c241e9039099354054ce71c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 02 Nov 2023 19:49:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8917
x-xss-protection
0
server
sffe
etag
"bd0e770e6426cbdd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 19:49:44 GMT
JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v14/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f3.1e100.net
Software
sffe /
Resource Hash
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://everyonedeservesashot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 16:02:32 GMT
x-content-type-options
nosniff
age
532033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13820
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:28:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 16:02:32 GMT
logopion.png
i.ibb.co/xhfXvKz/
12 KB
12 KB
Image
General
Full URL
https://i.ibb.co/xhfXvKz/logopion.png
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.202 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
b1797386ea3324614d2aec2c5afd226565a00ff7b7570484c932cbbc47ff6cb4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:45 GMT
last-modified
Wed, 01 Nov 2023 20:13:30 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
12022
expires
Thu, 31 Dec 2037 23:55:55 GMT
toto-macau.php
68.183.187.4/pengeluaran-togel/
0
0
Image
General
Full URL
https://68.183.187.4/pengeluaran-togel/toto-macau.php
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.187.4 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

livechatt.webp
i.ibb.co/grbJpXz/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/grbJpXz/livechatt.webp
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.202 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
ecbd9d85c493dc1813048b9ebc9f4a2435bac52198d64b74279868b5a85f6fcf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:45 GMT
last-modified
Sat, 05 Aug 2023 18:03:18 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1242
expires
Thu, 31 Dec 2037 23:55:55 GMT
daftar1.webp
i.ibb.co/NrYXBSj/
416 B
660 B
Image
General
Full URL
https://i.ibb.co/NrYXBSj/daftar1.webp
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.202 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
bed1c9ff46cdef98df18150fe79b6b9a5e19cc8b3c3ff89d4661ae93bd53157c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:45 GMT
last-modified
Sat, 05 Aug 2023 18:03:48 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
416
expires
Thu, 31 Dec 2037 23:55:55 GMT
Whatsapp.webp
i.ibb.co/3yN2xmY/
2 KB
2 KB
Image
General
Full URL
https://i.ibb.co/3yN2xmY/Whatsapp.webp
Requested by
Host: everyonedeservesashot.com
URL: https://everyonedeservesashot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.202 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
4cabd806936ac7f50f887e7e1c277e60d5de4502fe0cf572326fdb183933e6f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://everyonedeservesashot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:45 GMT
last-modified
Sat, 05 Aug 2023 18:04:16 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1590
expires
Thu, 31 Dec 2037 23:55:55 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/
8 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://everyonedeservesashot.com/
Origin
https://everyonedeservesashot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
178410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"4ca4ccf1afd64d82"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f1.1e100.net
Software
sffe /
Resource Hash
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://everyonedeservesashot.com/
Origin
https://everyonedeservesashot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
178410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3941
x-xss-protection
0
server
sffe
etag
"aef77be21ea5e253"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
toto-macau.php
68.183.187.4/pengeluaran-togel/ Frame 308B
9 KB
2 KB
Document
General
Full URL
https://68.183.187.4/pengeluaran-togel/toto-macau.php
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.187.4 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
431a4ebe86d7df1319f7ac106572c6b5b001bbcdb0a198aec6653edab3e9f747

Request headers

Referer
https://everyonedeservesashot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 19:49:45 GMT
server
nginx
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ Frame 308B
267 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q4EB37WLEG
Requested by
Host: 68.183.187.4
URL: https://68.183.187.4/pengeluaran-togel/toto-macau.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c091256dcbc8b077cadf92162400cb7f74cfb670ef8b84aecc44ab1a55fcefaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91023
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Nov 2023 19:49:46 GMT
StyleKeluaran.css
68.183.187.4/pengeluaran-togel/ Frame 308B
5 KB
1 KB
Stylesheet
General
Full URL
https://68.183.187.4/pengeluaran-togel/StyleKeluaran.css
Requested by
Host: 68.183.187.4
URL: https://68.183.187.4/pengeluaran-togel/toto-macau.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.187.4 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
16260e965d1d70e8d1c5d3bb2d88d644547d40c19e10f321e34fa99deb5e1f6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/pengeluaran-togel/toto-macau.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:46 GMT
content-encoding
gzip
last-modified
Sat, 29 Jul 2023 08:33:16 GMT
server
nginx
etag
W/"64c4cecc-143e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
livedrawpedia-logo.webp
68.183.187.4/Flag/ Frame 308B
21 KB
21 KB
Image
General
Full URL
https://68.183.187.4/Flag/livedrawpedia-logo.webp
Requested by
Host: 68.183.187.4
URL: https://68.183.187.4/pengeluaran-togel/toto-macau.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.187.4 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2dc84180e0ae10fab31597f18ecb71639b50fbb4b6000e05db07aa8a54640517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/pengeluaran-togel/toto-macau.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:49:46 GMT
last-modified
Wed, 15 Feb 2023 14:46:07 GMT
server
nginx
etag
"63ecf02f-549e"
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
content-length
21662
expires
Thu, 31 Dec 2037 23:55:55 GMT
728x90.gif
143.198.201.173/alitoto/ Frame 308B
Redirect Chain
  • https://139.59.102.122/alitoto/728x90.php
  • https://143.198.201.173/alitoto/728x90.gif
257 KB
257 KB
Image
General
Full URL
https://143.198.201.173/alitoto/728x90.gif
Requested by
Host: 68.183.187.4
URL: https://68.183.187.4/pengeluaran-togel/toto-macau.php
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
54c3919dd3266e08c3ab152705d54efe3cd43f7b3f8511382be9fa882bb852b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 19:49:47 GMT
Last-Modified
Wed, 11 Oct 2023 10:43:36 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65267c58-40283"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
262787

Redirect headers

location
https://143.198.201.173/alitoto/728x90.gif
Date
Thu, 02 Nov 2023 19:49:46 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.198.194/ktvtogel/ Frame 308B
Redirect Chain
  • https://139.59.102.122/ktvtogel/728x90.php
  • https://143.198.198.194/ktvtogel/728x90.gif
303 KB
304 KB
Image
General
Full URL
https://143.198.198.194/ktvtogel/728x90.gif
Requested by
Host: 68.183.187.4
URL: https://68.183.187.4/pengeluaran-togel/toto-macau.php
Protocol
HTTP/1.1
Server
143.198.198.194 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f86f54f6873c2cb78a04242517b7d18f7836104d47c9dd02de4ca7802d6b2dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 19:49:47 GMT
Last-Modified
Wed, 11 Oct 2023 10:38:29 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65267b25-4bdc4"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
310724

Redirect headers

location
https://143.198.198.194/ktvtogel/728x90.gif
Date
Thu, 02 Nov 2023 19:49:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
165.232.165.130/crowntogel/ Frame 308B
Redirect Chain
  • https://139.59.102.122/crown/728x90.php
  • https://165.232.165.130/crowntogel/728x90.gif
327 KB
327 KB
Image
General
Full URL
https://165.232.165.130/crowntogel/728x90.gif
Protocol
HTTP/1.1
Server
165.232.165.130 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
018bbea2051593b163ab0cc61748db32a7de86832492a1933914b319fb76c83a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 19:49:48 GMT
Last-Modified
Wed, 11 Oct 2023 09:58:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"652671d1-51ba8"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
334760

Redirect headers

location
https://165.232.165.130/crowntogel/728x90.gif
Date
Thu, 02 Nov 2023 19:49:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
165.232.165.130/bingotogel/ Frame 308B
Redirect Chain
  • https://139.59.102.122/bingotogel/728x90.php
  • https://165.232.165.130/bingotogel/728x90.gif
328 KB
328 KB
Image
General
Full URL
https://165.232.165.130/bingotogel/728x90.gif
Protocol
HTTP/1.1
Server
165.232.165.130 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e33cb816af60520834f7320628a058d26f2e10edf4beadfa197d7170c09dc8b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 19:49:48 GMT
Last-Modified
Wed, 11 Oct 2023 09:58:19 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"652671bb-51fea"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
335850

Redirect headers

location
https://165.232.165.130/bingotogel/728x90.gif
Date
Thu, 02 Nov 2023 19:49:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
728x90.gif
143.198.201.173/platinumslot/ Frame 308B
Redirect Chain
  • https://139.59.102.122/platinumslot/728x90.php
  • https://143.198.201.173/platinumslot/728x90.gif
172 KB
172 KB
Image
General
Full URL
https://143.198.201.173/platinumslot/728x90.gif
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3a59bf2dd921f1a4fcd307b70e6c26b5e8bb39aaedd771aadc6312fcad335f63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://68.183.187.4/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 19:49:48 GMT
Last-Modified
Wed, 11 Oct 2023 10:42:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65267c32-2af3a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
175930

Redirect headers

location
https://143.198.201.173/platinumslot/728x90.gif
Date
Thu, 02 Nov 2023 19:49:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8


18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| AMP
object| AMP_CONFIG
object| AMP_EXP
object| __AMP_LOG
function| HTMLElementOrig
object| __AMP_ERRORS
object| __AMP_MODE
function| __AMP_REPORT_ERROR
object| __AMP_TOP
object| __AMP_SERVICES
object| __AMP__EXPERIMENT_TOGGLES
object| __AMP_URL_CACHE
boolean| __AMP_TAG
object| __AMP_EXTENDED_ELEMENTS
function| __AMP_BASE_CE_CLASS
object| listeningFors

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
