Submitted URL: http://shelina.shop/rd/c55951coLAo9061802ChBz1390rBC7008200gCpH2117
Effective URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Submission Tags: falconsandbox
Submission: On April 22 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 192.186.135.128, located in Buffalo, United States and belongs to SERVER-MANIA, CA. The main domain is aazo3.readytied.com.
TLS certificate: Issued by R3 on March 25th 2023. Valid for: 3 months.
This is the only time aazo3.readytied.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 194.9.70.122 201094 (GMHOST)
1 1 23.229.68.104 55286 (SERVER-MANIA)
1 10 192.186.135.128 55286 (SERVER-MANIA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
19 8
Apex Domain
Subdomains
Transfer
9 readytied.com
aazo3.readytied.com
527 KB
5 trk-consulatu.com
trk-consulatu.com — Cisco Umbrella Rank: 38267
event.trk-consulatu.com — Cisco Umbrella Rank: 107587
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
ajax.googleapis.com — Cisco Umbrella Rank: 607
34 KB
2 shelina.shop
shelina.shop
641 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 997
33 KB
1 hitchyouroffers.com
aazo3.hitchyouroffers.com
819 B
1 catophelm.com
www.catophelm.com
337 B
19 8
Domain Requested by
9 aazo3.readytied.com shelina.shop
aazo3.readytied.com
4 event.trk-consulatu.com trk-consulatu.com
2 shelina.shop 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 trk-consulatu.com aazo3.readytied.com
1 code.jquery.com aazo3.readytied.com
1 ajax.googleapis.com aazo3.readytied.com
1 fonts.googleapis.com aazo3.readytied.com
1 aazo3.hitchyouroffers.com 1 redirects
1 www.catophelm.com 1 redirects
19 10

This site contains no links.

Subject Issuer Validity Valid
readytied.com
R3
2023-03-25 -
2023-06-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-01 -
2023-08-01
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Frame ID: 5E69426C5222D38D08AEC451A6E74B6A
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Herzlichen Glückwunsch!

Page URL History Show full URLs

  1. http://shelina.shop/rd/c55951coLAo9061802ChBz1390rBC7008200gCpH2117 Page URL
  2. http://shelina.shop/track/c55951coLAo9061802ChBz1390rBC7008200gCpH2117 HTTP 302
    https://www.catophelm.com/wDKzRSCNmbCKNStTsaPfJVrnouMtM6oc9NHd6pT1J1jP9UmoebpjhDpC4p5khdSJPfB12SIAkQwS... HTTP 302
    https://aazo3.hitchyouroffers.com/?kw=821810&s1=723770603 HTTP 302
    https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

613 kB
Transfer

739 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shelina.shop/rd/c55951coLAo9061802ChBz1390rBC7008200gCpH2117 Page URL
  2. http://shelina.shop/track/c55951coLAo9061802ChBz1390rBC7008200gCpH2117 HTTP 302
    https://www.catophelm.com/wDKzRSCNmbCKNStTsaPfJVrnouMtM6oc9NHd6pT1J1jP9UmoebpjhDpC4p5khdSJPfB12SIAkQwS8YTHmaz6qg~~/12/2117-55951/9061802-1390-7008200 HTTP 302
    https://aazo3.hitchyouroffers.com/?kw=821810&s1=723770603 HTTP 302
    https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c55951coLAo9061802ChBz1390rBC7008200gCpH2117
shelina.shop/rd/
243 B
360 B
Document
General
Full URL
http://shelina.shop/rd/c55951coLAo9061802ChBz1390rBC7008200gCpH2117
Protocol
HTTP/1.1
Server
194.9.70.122 , Ukraine, ASN201094 (GMHOST, UA),
Reverse DNS
free.gmhost.hosting
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
243
Content-Type
text/html; charset=utf-8
Date
Sat, 22 Apr 2023 10:25:58 GMT
Primary Request 14791f12-e0f8-11ed-a82d-919a2c2e6660
aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/
Redirect Chain
  • http://shelina.shop/track/c55951coLAo9061802ChBz1390rBC7008200gCpH2117
  • https://www.catophelm.com/wDKzRSCNmbCKNStTsaPfJVrnouMtM6oc9NHd6pT1J1jP9UmoebpjhDpC4p5khdSJPfB12SIAkQwS8YTHmaz6qg~~/12/2117-55951/9061802-1390-7008200
  • https://aazo3.hitchyouroffers.com/?kw=821810&s1=723770603
  • https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
14 KB
15 KB
Document
General
Full URL
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Requested by
Host: shelina.shop
URL: http://shelina.shop/rd/c55951coLAo9061802ChBz1390rBC7008200gCpH2117
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
14792babef2a92c5dc5684b56a00b46c273db8082b77ae90eed87f5759d701ee
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://shelina.shop/rd/c55951coLAo9061802ChBz1390rBC7008200gCpH2117
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 22 Apr 2023 10:26:02 GMT
server
swoole-http-server
strict-transport-security
max-age=15768000
transfer-encoding
chunked
x-redir
true

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 22 Apr 2023 10:26:01 GMT
location
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
server
swoole-http-server
strict-transport-security
max-age=15768000
transfer-encoding
chunked
x-redir
true
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c89ffbdb7b8bc4f4395bc4286d229955773983736dd65e4e15d8246b71541480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Apr 2023 10:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 22 Apr 2023 10:26:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Apr 2023 10:26:02 GMT
style.css
aazo3.readytied.com/templates/templates/spin-casino_MASTER/css/
25 KB
25 KB
Stylesheet
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/css/style.css
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
d86b239f3ad7fc29593df1655848824493b2299a203c9be2f67adae10f94309e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:50:18 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
74144
x-varnish
1765786 360519
content-type
text/css
accept-ranges
bytes
content-length
25401
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 21:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 21:11:24 GMT
overlay.png
aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/
18 KB
18 KB
Image
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/overlay.png
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:50:19 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
74143
x-varnish
1765787 524325
content-type
image/png
accept-ranges
bytes
content-length
18661
overlay2.png
aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/
18 KB
18 KB
Image
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/overlay2.png
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:54:45 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
73877
x-varnish
2199324 786893
content-type
image/png
accept-ranges
bytes
content-length
18646
euro_reel.fs8.png
aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/
254 KB
254 KB
Image
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/euro_reel.fs8.png
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
37a8b962d9612db68395230b47245d17b78da085d742bd1e1e57fab3bfe30e25
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:55:11 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
73851
x-varnish
1687352 262475
content-type
image/png
accept-ranges
bytes
content-length
260226
spin1.png
aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/
83 KB
83 KB
Image
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/spin1.png
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:54:49 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
73873
x-varnish
2107330 262398
content-type
image/png
accept-ranges
bytes
content-length
85123
spin2.png
aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/
86 KB
86 KB
Image
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/spin2.png
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:54:49 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
73873
x-varnish
2199327 786901
content-type
image/png
accept-ranges
bytes
content-length
88130
loader.gif
aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/
3 KB
3 KB
Image
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/loader.gif
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:54:53 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
73869
x-varnish
2199329 262408
content-type
image/gif
accept-ranges
bytes
content-length
2892
jquery-1.11.3.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 10:26:03 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176d5"
vary
Accept-Encoding
x-hw
1682159163.dop052.fr8.t,1682159163.cds167.fr8.hn,1682159163.cds127.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
oldw7nlgzn
trk-consulatu.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-consulatu.com/scripts/push/script/oldw7nlgzn?url=default
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0956218009fe6721f2afb9728dada5de28059cc6301b34b06fce2824a6321ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 10:26:03 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 22 Apr 2023 08:14:36 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOfgc64Rn%2FqJNzU9KpaFDrwz%2BnBdhE3IvXPk4jmqykWoSk7zv4HMQFw%2F3WdWvTpJt7HID0GwBIh%2FdvYIABJFQpizdz69G%2FR0X1GHrA3hHtXUb5mm6WoHw12ha%2BrNqH%2F4wE30x18AgDZMqz6J4IwhSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7bbd2a911f8dbb8c-FRA
expires
0
gratorama-progjackpot-v3.gif
aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/
23 KB
23 KB
Image
General
Full URL
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
Requested by
Host: aazo3.readytied.com
URL: https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.186.135.128 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
mta128.quick-buzzer.eu
Software
swoole-http-server /
Resource Hash
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aazo3.readytied.com/templates/templates/spin-casino_MASTER/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 13:54:52 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
73870
x-varnish
1765789 1179882
content-type
image/gif
accept-ranges
bytes
content-length
23095
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aazo3.readytied.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 10:40:00 GMT
x-content-type-options
nosniff
age
344763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 10:40:00 GMT
lmdzxr03ek
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/lmdzxr03ek
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/oldw7nlgzn?url=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aazo3.readytied.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sat, 22 Apr 2023 10:26:03 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uBf%2BRGDfEC7BAhNLWm6EjgU%2Bqr35XPQxvPwEoiA%2BuPxJzRoSlthS91mr5px4NnUFJcQjy2B7A8YHQu96sQrDhYYqU31W6PqdorU2pYVPakGqaHrtkUY6PPZMgPEkJz3P5b3t7HrTOatJZ%2FgYIQukqYlj7u%2BKg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://aazo3.readytied.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7bbd2a94de5a8fe0-FRA
x-pushplatformapp-params
lmdzxr03ek
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/lmdzxr03ek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://aazo3.readytied.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://aazo3.readytied.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bbd2a943dbb8fe0-FRA
content-length
0
date
Sat, 22 Apr 2023 10:26:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze1pgP%2FySM4CruF0mVZYydGm6WptKuQSeoew9JC0zeVnVfA2HCemYuMIkvaRn1e%2B01J0h1rR9%2FpZcVdIbe1xUpVxMLaChMblvdbwK9WVHXi%2BZGatO48b5bzJeiy3w1My4Uw4nDghYdbFChwHOeuVoOv1yhy31Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
lmdzxr03ek
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/lmdzxr03ek
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/oldw7nlgzn?url=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aazo3.readytied.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sat, 22 Apr 2023 10:26:03 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Cx13KteM4EXHXK6k5aHT%2F5LiNtz3RE23uLkkr3IAEfjqNfLZNpQH3sFXW%2F9dIT2eloPCjcgbum6yybtKsEgkUkRTdarGX9JyDPj9Z0x0AMivLzOtAGjI7iZGR%2FDFJSH4PrjcJ16EcVqmbUbIEYH4QFpSkw4kw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://aazo3.readytied.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7bbd2a94ee6e8fe0-FRA
x-pushplatformapp-params
lmdzxr03ek
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/lmdzxr03ek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://aazo3.readytied.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://aazo3.readytied.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bbd2a943dbc8fe0-FRA
content-length
0
date
Sat, 22 Apr 2023 10:26:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyrsqubTmdldvOz80iEXELWMbdCTxNhFWassWWLK8KByVWYGJSynfv9Qn8tPL%2BmnsPpd%2FynvvMKj8IgySbP5S6NWQ8zkXrjnvsRW6FNdwqhJeY8%2FrXPCUqwAJhVfapgrT292njPbQ%2BIeihs60REWVGIAvkiIJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery string| raw_prize_value function| formatPrizeValue function| initLiveJackpot string| currency function| stepOne function| stepTwo function| stepThree function| spinsCount object| $jackpot_display function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| e

3 Cookies

Domain/Path Name / Value
.catophelm.com/ Name: uid10862
Value: 723770603-20230422062558-39bba8cfa996c1dbaa93ea0ea7f139f8-
aazo3.hitchyouroffers.com/ Name: yredir_session
Value: eyJpdiI6Im5OQmVtZXlhaUoyZzJDQUxLMUtHWHc9PSIsInZhbHVlIjoiR1FBUmdMZlg5YXN0dFhOeFdFMk53eHI3SlFuY1EwaE41QmRaZkNJT25HeTZpMFdSOXBuK3ltYXVZUUpJM2RLUWl6Wngzd3RpOUlCZlBLaVJrcnVvaFZwNHNLSFIrcGZDOWQ1QmE0cVlTa1B6S0FCdHZKQTNWejY5SUZKQThiREwiLCJtYWMiOiIyOWMwYzIzN2JiOGJkNmFiNzk2NzQ5ZDRlZjcxYjkzMTlmYWFmNTZjYjIxZmY0MDlkZjA4MjgxNzJlOTM4MjI5IiwidGFnIjoiIn0%3D
aazo3.readytied.com/ Name: yredir_session
Value: eyJpdiI6ImZ5Z2N6dWdZbVVTTXRNTTV5YUI2QVE9PSIsInZhbHVlIjoiVDNjK3lZQ0Q1VFpVbGpFN2JITnlqWHJmWlFjMkMvRnJNcWkyMC9ySmh1T1Z6NDd4SEE2dFYwd0lYdUwzSGpmdUpQYmZnYVlWMHF1b1Q5N1ZTeDArN2Z1alh4RXowZzNIaUZzRnlwMEZzRTMvYVRMc1RJaHF1WFMwdlZZOHkvZ1ciLCJtYWMiOiJjZTc4ZDhmY2YxNmM3YjA0MGM0YjhmNWIxMGQ4MTYyN2IwY2Y4ZGViNTBlYjdiZWUxMTg5ODU0YWRjMDJiMDcxIiwidGFnIjoiIn0%3D

1 Console Messages

Source Level URL
Text
other error URL: https://aazo3.readytied.com/t/8f0d93c8664e/146f9582-e0f8-11ed-b7d8-ed2cb5dd028e/14791f12-e0f8-11ed-a82d-919a2c2e6660
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.