Submitted URL: http://172-105-201-99.ip.linodeusercontent.com/aDFqYWJka0U4YjJaY3g3a3dHeVpZZGUyU0RvRlY1bENLOXd0N1doYndFTmZoWXZ3aStjSGxFUTQvQXBhcHlka3FiaXpQb0hh...
Effective URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Submission: On September 07 via api from US — Scanned from JP

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 16 HTTP transactions. The main IP is 66.195.197.27, located in United States and belongs to CCCAS-1, US. The main domain is h0zi.linkforusers.com.
TLS certificate: Issued by R3 on July 9th 2023. Valid for: 3 months.
This is the only time h0zi.linkforusers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.105.201.99 63949 (AKAMAI-LI...)
1 141.98.5.228 8100 (ASN-QUADR...)
1 12 66.195.197.27 11402 (CCCAS-1)
1 172.217.175.74 15169 (GOOGLE)
1 142.251.222.42 15169 (GOOGLE)
1 69.16.175.10 20446 (STACKPATH...)
1 142.250.207.35 15169 (GOOGLE)
16 6
Apex Domain | Subdomains | Transfer
11 linkforusers.com | h0zi.linkforusers.com | 543 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 58); ajax.googleapis.com (Cisco Umbrella Rank: 406) | 34 KB
1 gstatic.com | fonts.gstatic.com | 11 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 820) | 33 KB
1 arrangedclearlink.com | h0zi.arrangedclearlink.com | 695 B
1 zoromangare.com | zoromangare.com | 409 B
1 linodeusercontent.com | 172-105-201-99.ip.linodeusercontent.com | 373 B
16 7
Domain Requested by
11 h0zi.linkforusers.com zoromangare.com
h0zi.linkforusers.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com h0zi.linkforusers.com
1 ajax.googleapis.com h0zi.linkforusers.com
1 fonts.googleapis.com h0zi.linkforusers.com
1 h0zi.arrangedclearlink.com 1 redirects
1 zoromangare.com
1 172-105-201-99.ip.linodeusercontent.com 1 redirects
16 8

This site contains no links.

Subject | Issuer | Validity | Valid
zoromangare.com | R3 | 2023-07-25 - 2023-10-23 | 3 months
linkforusers.com | R3 | 2023-07-09 - 2023-10-07 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.gstatic.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months

This page contains 1 frames:

Primary Page: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Frame ID: FEE98618AD44F6AF8514F87E25707458
Requests: 16 HTTP requests in this frame

Page Title

Congratulations!

Page URL History

  1. http://172-105-201-99.ip.linodeusercontent.com/aDFqYWJka0U4YjJaY3g3a3dHeVpZZGUyU0RvRlY1bENLOXd0N1doYndFTmZoWXZ3aStjSGxFUTQv... HTTP 302
    https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md Page URL
  2. https://h0zi.arrangedclearlink.com/?kw=31&s2=1049307067 HTTP 302
    https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 622 kB
Size: 744 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://172-105-201-99.ip.linodeusercontent.com/aDFqYWJka0U4YjJaY3g3a3dHeVpZZGUyU0RvRlY1bENLOXd0N1doYndFTmZoWXZ3aStjSGxFUTQvQXBhcHlka3FiaXpQb0hhQzlFMmlUejhSVUh6eEE9PQ__ HTTP 302
    https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md Page URL
  2. https://h0zi.arrangedclearlink.com/?kw=31&s2=1049307067 HTTP 302
    https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://172-105-201-99.ip.linodeusercontent.com/aDFqYWJka0U4YjJaY3g3a3dHeVpZZGUyU0RvRlY1bENLOXd0N1doYndFTmZoWXZ3aStjSGxFUTQvQXBhcHlka3FiaXpQb0hhQzlFMmlUejhSVUh6eEE9PQ__ HTTP 302
  • https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
30_5603_610_81687_md
zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/
Redirect Chain
  • http://172-105-201-99.ip.linodeusercontent.com/aDFqYWJka0U4YjJaY3g3a3dHeVpZZGUyU0RvRlY1bENLOXd0N1doYndFTmZoWXZ3aStjSGxFUTQvQXBhcHlka3FiaXpQb0hhQzlFMmlUejhSVUh6eEE9PQ__
  • https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md
118 B
409 B
Document
General
Full URL
https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.98.5.228 , Bulgaria, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-jp,jp;q=0.9

Response headers

content-length
118
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 11:30:59 GMT
server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
163
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 11:30:55 GMT
Keep-Alive
timeout=5, max=100
Location
https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Primary Request 0619827c-4d72-11ee-8fba-9bef6eea36e7
h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/
Redirect Chain
  • https://h0zi.arrangedclearlink.com/?kw=31&s2=1049307067
  • https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
14 KB
14 KB
Document
General
Full URL
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Requested by
Host: zoromangare.com
URL: https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
6c5b308105a56865b61e908aa0eb53cb7d84937429462f95b0a5dec1c9b8d874
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 11:31:03 GMT
server
swoole-http-server
strict-transport-security
max-age=15768000
x-redir
true

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 11:31:01 GMT
location
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
server
swoole-http-server
strict-transport-security
max-age=15768000
x-redir
true
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f10.1e100.net
Software
ESF /
Resource Hash
ead5b789486a1fa24ab94689b256053be2c9fea300850d1205168950cf8ab110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 11:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 07 Sep 2023 11:31:03 GMT
style.css
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/css/
25 KB
25 KB
Stylesheet
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/css/style.css
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
cbb35e1bf577e547b7e14888f498596f26806405ccc232714eda67bdc323d4a6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:28 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241055
x-varnish
3592039 32776
content-type
text/css
accept-ranges
bytes
content-length
25402
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f10.1e100.net
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 01 Sep 2023 01:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 01:47:00 GMT
push_na_push.js
h0zi.linkforusers.com/
1 KB
1 KB
Script
General
Full URL
https://h0zi.linkforusers.com/push_na_push.js?aff_id=1163&custom=v2&s2=06e55136-4d72-11ee-8bfd-b94417c0074e
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
cc83c0e40f17d466aa3406b372b0e7630b60090f8afd7935619b347bf15dd043
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 07 Sep 2023 11:31:03 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
0
x-varnish
3274423
content-type
application/javascript
x-redir
true
cache-control
no-cache, private
accept-ranges
bytes
content-length
1150
service-worker-allowed
/
overlay.png
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/
18 KB
18 KB
Image
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/overlay.png
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:28 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241055
x-varnish
3274434 32783
content-type
image/png
accept-ranges
bytes
content-length
18661
overlay2.png
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/
18 KB
18 KB
Image
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/overlay2.png
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:28 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241055
x-varnish
3176123 32779
content-type
image/png
accept-ranges
bytes
content-length
18646
dollar_reel.fs8.png
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/
253 KB
253 KB
Image
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/dollar_reel.fs8.png
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
b9e962e0f9810e278130875315423d3205bbe90b01a19137b738d378ddda7bad
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:41 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241042
x-varnish
3372390 163877
content-type
image/png
accept-ranges
bytes
content-length
259089
spin1.png
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/
83 KB
83 KB
Image
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/spin1.png
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:28 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241055
x-varnish
3592045 11
content-type
image/png
accept-ranges
bytes
content-length
85123
spin2.png
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/
86 KB
86 KB
Image
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/spin2.png
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:28 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241055
x-varnish
3274436 14
content-type
image/png
accept-ranges
bytes
content-length
88130
loader.gif
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/
3 KB
3 KB
Image
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/loader.gif
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:28 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241055
x-varnish
3097926 16
content-type
image/gif
accept-ranges
bytes
content-length
2892
jquery-1.11.3.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 07 Sep 2023 11:31:04 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176d5"
vary
Accept-Encoding
x-hw
1694086264.dop042.la3.t,1694086264.cds269.la3.hn,1694086264.cds251.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
push_proxnapush.js
h0zi.linkforusers.com/
17 KB
17 KB
Script
General
Full URL
https://h0zi.linkforusers.com/push_proxnapush.js?v=1&custom=true
Requested by
Host: zoromangare.com
URL: https://zoromangare.com/0/2/14730/ce6e79e34b29fddf5e355cd6a73dab25/1/8890_17/30_5603_610_81687_md
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
d97140baac38de7446121bd7fd8c6fd76194281fa0a9e4f1c636ce1cc1a0babe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:51 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241032
x-varnish
3801596 458761
content-type
application/javascript
x-redir
true
cache-control
no-cache, private
accept-ranges
bytes
content-length
17221
service-worker-allowed
/
gratorama-progjackpot-v3.gif
h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/
23 KB
23 KB
Image
General
Full URL
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
Requested by
Host: h0zi.linkforusers.com
URL: https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.195.197.27 , United States, ASN11402 (CCCAS-1, US),
Reverse DNS
Software
swoole-http-server /
Resource Hash
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://h0zi.linkforusers.com/templates/templates/spin-casino_MASTER/css/style.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 04 Sep 2023 16:33:28 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
241055
x-varnish
3676683 32785
content-type
image/gif
accept-ranges
bytes
content-length
23095
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v25/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f3.1e100.net
Software
sffe /
Resource Hash
8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://h0zi.linkforusers.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 31 Aug 2023 19:20:12 GMT
x-content-type-options
nosniff
age
576652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10988
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 19:20:12 GMT

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery string| raw_prize_value function| formatPrizeValue function| initLiveJackpot string| currency object| _at function| _NeptuneAdsPushDeferred function| getUrlVars function| urlBase64ToUint8Array function| _NeptuneAdsPushGetDeviceType function| _NeptuneAdsPushGetPageDetails function| _NeptuneAdsPushGetReferrer function| _NeptuneAdsPushGetLanguage function| _NeptuneAdsPushGetResolution function| _NeptuneAdsPushGetBrowserInfo function| _NeptuneAdsPushGetSystemInfo function| _NeptuneAdsPushInitialize function| _NeptuneAdsPushGetSiteConfig function| _NeptuneAdsPushLoadPrompt function| _NeptuneAdsPushPromptApprove function| _NeptuneAdsPushPromptDeny function| _NeptuneAdsPushPromptCancel function| _NeptuneAdsPushRemovePoweredBy function| _NeptuneAdsPushShowPoweredBy function| _NeptuneAdsPushGetSubscriberID function| _NeptuneAdsPushSendTrackData function| _NeptuneAdsPushGetSubscriberIDFromToken function| _NeptuneAdsPushGenerateID function| _NeptuneAdsPushGetCookie function| _NeptuneAdsPushSetCookie function| _NeptuneAdsPushDeleteCookie function| _NeptuneAdsPushTrackAttributes function| _NeptuneAdsPushOptInResponse function| _NeptuneAdsPushPrompt function| _NeptuneAdsPushTrackEvent function| _NeptuneAdsPushAbandonedCart function| _NeptuneAdsPushGetPushToken function| _NeptuneAdsPushSupportsPush function| _NeptuneAdsPushCheckHTTPS function| _NeptuneAdsPushCheckPermissions function| _NeptuneAdsPushRunNative function| _NeptuneAdsPushSafariRun function| _NeptuneAdsPushChromeRun function| _NeptuneAdsPushSubscribe function| _NeptuneAdsPushExtractSubscriptionId function| _NeptuneAdsPushSendSubscriptionToServer function| _NeptuneAdsPushRegisterWorker function| _NeptuneAdsPushFetchSubscriberIDFromWorker function| _NeptuneAdsPushConsoleOutput function| _NeptuneAdsPushSendWorkerMessage function| _NeptuneAdsPushLoad string| domain string| owner string| idSite boolean| showDebug boolean| subscriberID_existed undefined| 
_NeptuneAdsPushPushToken string| _NeptuneAdsPushSubscriberID undefined| _NeptuneAdsPushCallResponse object| trackData string| currentPage string| _NeptuneAdsPushAPI boolean| _NeptuneAdsPushRanScript undefined| webURL undefined| logid string| uid number| width number| height object| browserInfo object| systemInfo string| refUrl string| refName object| referrer string| pageTitle string| pageURL object| pageDetails string| curPageURL string| configPageURL number| promptId number| auto_prompt function| stepOne function| stepTwo function| stepThree function| spinsCount object| $jackpot_display object| e object| powered_browserinfo string| powered_devicetype string| powered_top string| powered_left

4 Cookies

Domain/Path Name / Value
zoromangare.com/ Name: uid31
Value: 1049307067-20230907073059-77dccd89933c504db74a6a4f6aba4139-
h0zi.arrangedclearlink.com/ Name: yredir_session
Value: eyJpdiI6IlpNNjNhWEQySElKRmo4dWw3Z0VIdFE9PSIsInZhbHVlIjoiMHNjb2lkV004UlVYQXExUDNvQS9kbk84bUU4d1BORDduaUpIbTIxV0lXcE1RTWJBK1lUcVFlSHpXL0tWSk96TW1RdTFWREJmeHVqZEdGSE1ZclhWRHpSSFYrWGsvWmJlMnZmOEpCMW9HVkVLR3dOOWxPOXpoNkFtSWFsUHpuNC8iLCJtYWMiOiJlNTZhMzAwYTY3N2Q1MWYzMWZhOGM4ODBkNTVkZDhlYjIwNGYwNjcwZmNjODlmOTZiNzcyYzRlNzA0NmEzNWExIiwidGFnIjoiIn0%3D
h0zi.linkforusers.com/ Name: yredir_session
Value: eyJpdiI6ImxYVTdGSW1Sbk51WVlrVlRpWFdTQXc9PSIsInZhbHVlIjoibFR4aEZxcnV6VVQwa25rWE94b3pvYm1XUDZZTnRXUjZzdXNTZ1NrSThSUUxPRlgxNFg3RXdSTXZOcTZ1RldBNHpOSTV0cVNHNXI3YlkrbFVVekdqNFJ1cHBYd3VnNWRDM1djYXFKdnlRbVRzN2h1ckN0cFZpTmVWaEhNSWJZc0YiLCJtYWMiOiI2ZGEzZDMxYTIxMWJiNDkwYjczNWI2NjZmNThmYjIwNTUwM2YzMDhjMjQxMWZkZmQzYjlkNzc0NmJmYzgzMWY5IiwidGFnIjoiIn0%3D
h0zi.linkforusers.com/ Name: _NeptuneAdsPushSubscriberID
Value: ed254ae7-ec5d-c35c-b8a4-c69a97ad03f3

1 Console Messages

Source Level URL
Text
other error URL: https://h0zi.linkforusers.com/t/8f0d93c8664e/060fc930-4d72-11ee-adc1-7b0d564320ef/0619827c-4d72-11ee-8fba-9bef6eea36e7
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.