urlscan.io logo urlscan.io
SecurityTrails logo

redirect.camfrog.com Open in urlscan Pro
143.204.98.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://firsturl.de/Y8M519s
Effective URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Submission: On January 06 via manual from NL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 143.204.98.128, located in United States and belongs to AMAZON-02, US. The main domain is redirect.camfrog.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on April 26th 2021. Valid for: a year.
This is the only time redirect.camfrog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2606:4700:3032::6815:37b7 (United States)

ASN13335 (CLOUDFLARENET, US)
firsturl.de
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    143.204.98.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-128.fra50.r.cloudfront.net
redirect.camfrog.com
8    143.204.98.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-78.fra50.r.cloudfront.net
www.camfrog.com
6    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    143.204.98.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
9 camfrog.com
redirect.camfrog.com
www.camfrog.com — Cisco Umbrella Rank: 213266
32 KB
8 firsturl.de
firsturl.de
163 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4690
109 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 124
2 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 267
17 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
181 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 8
991 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6151
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
471 B
32 10
Domain Requested by
8 www.camfrog.com redirect.camfrog.com
www.camfrog.com
8 firsturl.de firsturl.de
6 dev.visualwebsiteoptimizer.com redirect.camfrog.com
dev.visualwebsiteoptimizer.com
3 sb.scorecardresearch.com 1 redirects redirect.camfrog.com
2 ssl.google-analytics.com 1 redirects redirect.camfrog.com
2 fonts.googleapis.com www.camfrog.com
2 www.google.com 1 redirects firsturl.de
1 www.google.de redirect.camfrog.com
1 stats.g.doubleclick.net 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 redirect.camfrog.com firsturl.de
1 www.gstatic.com www.google.com
32 12
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-12 -
2022-07-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.camfrog.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-26 -
2022-05-27		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Frame ID: E1009EF772C3C0907E7D7D23F8FFF6C9
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://firsturl.de/Y8M519s Page URL
  2. https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

32
Requests

94 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

507 kB
Transfer

1183 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://firsturl.de/Y8M519s Page URL
  2. https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://sb.scorecardresearch.com/b?c1=2&c2=13846821&ns__t=1641501622239&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&c9=https%3A%2F%2Ffirsturl.de%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=13846821&ns__t=1641501622239&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&c9=https%3A%2F%2Ffirsturl.de%2F
Request Chain 30
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=208348543&utmhn=redirect.camfrog.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=381918156&utmr=https%3A%2F%2Ffirsturl.de%2F&utmp=%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&utmht=1641501622280&utmac=UA-1870603-1&utmcc=__utma%3D164933820.2050902669.1641501622.1641501622.1641501622.1%3B%2B__utmz%3D164933820.1641501622.1.1.utmcsr%3Dfirsturl.de%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=621404046&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543&slf_rd=1&random=4130228525

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Y8M519s
firsturl.de/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://firsturl.de/Y8M519s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb85cc6abeebb039382a10e65de110ac6c444101a4fc219fb63b884fb13f0ca1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 06 Jan 2022 20:40:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQwhuyjvQLP%2Fp7Yv3u3Ma%2B4oWuDXXUeZwQNoQaKHwvV7Rn5%2BQRGZ7s3jA5MAl7fptOt%2FtOQHz23ugD0umys9kUMKik1m63Q%2Bp2dqnOvK9Qqt%2BlLydQQV%2Bs1F2obHLS48sS22auNfYoemGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c97c2c8c9f20fe6-MRS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
firsturl.de/include/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://firsturl.de/include/style.css
Requested by
Host: firsturl.de
URL: https://firsturl.de/Y8M519s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fea9181433d073de2c559eeb99b916b4498124c46788b5cb9be0e692251104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/Y8M519s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:20 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 26 Mar 2015 19:06:44 GMT
server
cloudflare
etag
W/"7ec-51235b77ffd60-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghVg0HwGq849kmauGA2mdn5VOyszzSEZOZRbMRGPtRXZaR7XcYuqraxOyKT1Lpi8%2BlqAl2Weiw2QCYsKjSSK7amiW2LCEkVzHvbR40D6y18rI62pIY4E7SAP5JdxhsxH5O33yx0SZ3NtOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c97c2c9ab320fe6-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		850 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: firsturl.de
URL: https://firsturl.de/Y8M519s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Thu, 06 Jan 2022 20:40:20 GMT
de.png
firsturl.de/include/ 		612 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firsturl.de/include/de.png
Requested by
Host: firsturl.de
URL: https://firsturl.de/Y8M519s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b1ee1113df9181d66452fe3899f280e9bd174ba6b3d277d6b93474e867d510

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/Y8M519s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:20 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Mar 2015 19:06:42 GMT
server
cloudflare
etag
"264-51235b762d09f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BOYQgQFtH%2F0s3CnPdpi6RUp3TXsttL%2FmOg3nIVYarvyEMrdQw1ZhvhEi0ksTQX8aW3G3G%2BRJEIus6z6TbHUJcghdbmxaU87JqkSw%2B3nRxFXNBaLJjrWGxTPQMlptzlBMkT3%2Bh8UrOUnyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c97c2ca9f18d789-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
612
en.png
firsturl.de/include/ 		602 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firsturl.de/include/en.png
Requested by
Host: firsturl.de
URL: https://firsturl.de/Y8M519s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed6f77c097f0236a46fd7747f6665e7ae54f7ecc95e20f1b16db71affa3799d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/Y8M519s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Mar 2015 19:06:43 GMT
server
cloudflare
etag
"25a-51235b765dddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVNa6eGen9cwYLDTZcYpovZAmLkcZDT80znxgQHsg9Q%2BC15Gga8jFEGH3n2YqX8C%2FcpJ1%2Bp2sEGot%2FDUt5dGbeGYWCMsGod2h5SFLALJdWkBE3ZIyP0mTPm2%2FV%2FlpXDsv5o9wiJH%2FG8J6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c97c2caaf65d789-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
602
cookie-consent.js
firsturl.de/include/ 		108 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firsturl.de/include/cookie-consent.js
Requested by
Host: firsturl.de
URL: https://firsturl.de/Y8M519s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c36672734eb354012ec579c10e879ecf0e25dbcb2c0281bad87a94ed332698d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/Y8M519s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:20 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 08 Nov 2019 09:47:53 GMT
server
cloudflare
etag
W/"1afe1-596d2ad01c9a8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIHbiRa9gqvyuaEOJU5pSXGHVoP7R5cD0AHaWwR%2FGpbjbUuFF%2BP8yNB6SIO0Sp0MdkvBdy6LwHViW%2BScD%2BhCS3sVv1EU5k2FjAk%2FTqYTKeMGwwi3EM0PSkacpHJMuGtEuKdkF7PicpD2OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c97c2c9ed7ad789-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
print.css
firsturl.de/include/ 		265 B
746 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://firsturl.de/include/print.css
Requested by
Host: firsturl.de
URL: https://firsturl.de/Y8M519s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c6b2d6f35c6fec594184f59a019a1611c7f179e94abb1535d11e4368ed5f29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/Y8M519s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 26 Mar 2015 19:06:44 GMT
server
cloudflare
etag
W/"109-51235b77ce080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6oaYFSEudQaawtzH5lnnhqeU7SqVlo5wRfPH3y5adq%2FxpmUXsEMgNLSPlQqUtuB5%2BGi2%2BqYeisLSZxqRSeDrUmdyexuTiC74W1GQtdAdyZU0cPuc7Rf%2BfICvBmnHT91nSVs5rcGw8Yr0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c97c2caaf69d789-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 		348 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://firsturl.de/
Origin
https://firsturl.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 17:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 17:37:05 GMT
bg.png
firsturl.de/include/ 		205 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firsturl.de/include/bg.png
Requested by
Host: firsturl.de
URL: https://firsturl.de/include/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196dbd9bbb848910c88bc9a19a3bcc85fb3d97ae6d673a77f37a6ecbf398c868

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/include/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:20 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Mar 2015 19:06:42 GMT
server
cloudflare
etag
"cd-51235b75f753e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj42oaVQGx056Cq%2FUtrKWPyq2QtbtJhjlE4C6owGFguAgK4SnIYmtLfkgmYgSOxuCiqoBERGfJPrBAzFcrlWpdzpIaFOJazfbN9gKq7C42zyrFWmLip9cvqAiNxwl1pHAwMoXUZqEFNL%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c97c2caaf6cd789-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
205
header.png
firsturl.de/include/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firsturl.de/include/header.png
Requested by
Host: firsturl.de
URL: https://firsturl.de/include/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:37b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81c5fe0ec47980392218e611e2a8aa6f6046554387b40e0096acfad7d544651

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/include/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Mar 2015 19:06:43 GMT
server
cloudflare
etag
"1f76e-51235b773c85f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM3dmk7I5LcVbtLAksWNIvkutO4WYwzGiNnQHPUVcmWMzv%2B8p1ltfjqK05QYr4i26scAMdpp3KZ0ofZugE9JqPNaIccMW3HhuuN3GyWnByd8m5muFV6QdJvGVNNGFKGW0DQpaCNHGOs9VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c97c2caaf70d789-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
128878
Primary Request /
redirect.camfrog.com/redirect/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Requested by
Host: firsturl.de
URL: https://firsturl.de/Y8M519s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-128.fra50.r.cloudfront.net
Software
nginx / PHP/7.4.21
Resource Hash
a68514067b7f42d4d6eff1a2c0e9c89c806d30a263459e57e956775efdd55882
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firsturl.de/

Response headers

content-type
text/html; charset=UTF-8
content-length
3808
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
date
Thu, 06 Jan 2022 20:40:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.21
x-cache
Miss from cloudfront
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
iA96kYebBZux2BhYJI0dBwyQbACFnrkR01TVyo0WitDLGsevIhNGvA==
template_styles.css
www.camfrog.com/de/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.camfrog.com/de/css/template_styles.css?v=283
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3e1a31272f27e436fed627d2a4b5b471c55dfad901b17c93aa1e787a272f0930

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 12:24:44 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"6139fd0c-37e1"
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=259200, public
content-length
3571
x-amz-cf-id
BL-tHfZHk3oql2SqmCNPvjQU2dj8sQybH136V07aYayPkOFLE8LZ6Q==
expires
Sun, 09 Jan 2022 20:40:21 GMT
redirect.css
www.camfrog.com/de/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.camfrog.com/de/css/redirect.css?v=283
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
02c88bba01d0ab1525cb00d7909c910375e7b2f1ccdbe1e62a9221dfbb44ccb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 12:24:44 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"6139fd0c-ec6"
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=259200, public
content-length
1056
x-amz-cf-id
RDR2c1c6d9yQ7xTGHH3v0Gpck0ysxNxsnbJfPaWzAQ_zNsxwJhfa9w==
expires
Sun, 09 Jan 2022 20:40:21 GMT
template.js
www.camfrog.com/de/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.camfrog.com/de/js/template.js
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
0df3b4593c5eb2615806c8a56e963b1a19a72e03af86973b1e762e749ade03f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 12:24:45 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"6139fd0d-85b7"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
content-length
9665
x-amz-cf-id
T2Ba6dzLB748q4jrSvc4sUdTh0X2w6zDR7X0QPOlS_oZLTGUHdVyZg==
expires
Fri, 07 Jan 2022 20:40:21 GMT
template_styles_footer.css
www.camfrog.com/de/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.camfrog.com/de/css/template_styles_footer.css?v=283
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
02745ba6f3906bb37a8cc42c120e2d9beef3ddc4570551f4460419c4748b2141

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 12:24:44 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"6139fd0c-2319"
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=259200, public
content-length
2105
x-amz-cf-id
tM2B1MuOm_zxSk9F5KXb2Bi9MB_UGqaw228KQP-plna8bKvJWEY3xQ==
expires
Sun, 09 Jan 2022 20:40:21 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=281744&u=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&r=0.041422327221353195
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
24aba94849b63efccecdb133df76b1e5e64b76ab8d93db0b56cf21b55ba2c311

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 Jan 2022 20:40:21 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
template_genders.css
www.camfrog.com/css/ 		770 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.camfrog.com/css/template_genders.css
Requested by
Host: www.camfrog.com
URL: https://www.camfrog.com/de/css/template_styles.css?v=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
d9f72244ddff57f17896946b0a7ecea565d9bade54b6319f5e639b5e01126aac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.camfrog.com/de/css/template_styles.css?v=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:22 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Tue, 29 Jan 2019 08:24:43 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5c500dcb-302"
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=259200, public
accept-ranges
bytes
content-length
770
x-amz-cf-id
a5juQw7HXRSLeoz-F3QEGnb-_pbDqKPvesRhROVFUhbPCaLbG5DZNQ==
expires
Sun, 09 Jan 2022 20:40:22 GMT
template_currency.css
www.camfrog.com/css/ 		603 B
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.camfrog.com/css/template_currency.css
Requested by
Host: www.camfrog.com
URL: https://www.camfrog.com/de/css/template_styles.css?v=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
56314d3b00cd6a086015b7aff3012e76834489cb56f6ca8622c1fa7cdbafa92a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.camfrog.com/de/css/template_styles.css?v=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Thu, 06 Jan 2022 20:40:22 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Mon, 31 Aug 2020 03:24:01 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5f4c6d51-25b"
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=259200, public
accept-ranges
bytes
content-length
603
x-amz-cf-id
BaJqQF3N3vCsLhVO0Uwv41nQYbcY7GRPWpSQxglfQ1MV2nRUSAqdoA==
expires
Sun, 09 Jan 2022 20:40:22 GMT
css
fonts.googleapis.com/ 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Requested by
Host: www.camfrog.com
URL: https://www.camfrog.com/de/css/template_styles.css?v=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.camfrog.com/de/css/template_styles.css?v=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 20:40:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 06 Jan 2022 20:40:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jan 2022 20:40:22 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Requested by
Host: www.camfrog.com
URL: https://www.camfrog.com/de/css/template_styles.css?v=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04de5f97e3a9f20c3cd0cf447e4b83a9637473c6ec2f0240b8d4df4f4b3fdb8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.camfrog.com/de/css/template_styles.css?v=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 20:40:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 06 Jan 2022 20:40:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jan 2022 20:40:22 GMT
va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ 		220 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=281744&u=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&r=0.041422327221353195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
9b82fdea7d95532bc88ed7e923495347258dc93310725e4bc7b78b35ba320eb2

Request headers

Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Origin
https://redirect.camfrog.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:22 GMT
content-encoding
br
last-modified
Thu, 06 Jan 2022 13:15:39 GMT
server
gfra1
etag
"61d6eb7b-f9e9"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63977
via
1.1 google
track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
dev.visualwebsiteoptimizer.com/7.0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=281744&u=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&r=0.041422327221353195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
8cbd246e3c6473e7a092ad1c202fa0ed50c2fafac6ee80b8295a3ba2982d6ec6

Request headers

Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Origin
https://redirect.camfrog.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:22 GMT
content-encoding
br
last-modified
Thu, 06 Jan 2022 13:15:39 GMT
server
gfra1
etag
"61d6eb7b-e87"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3719
via
1.1 google
opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=281744&u=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&r=0.041422327221353195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
136dbde116bc44d6108c5792b99972ec87118e215d51515ec06821f2588eebb0

Request headers

Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Origin
https://redirect.camfrog.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
content-encoding
br
last-modified
Thu, 06 Jan 2022 13:15:35 GMT
server
gfra1
etag
"61d6eb77-6982"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27010
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=281744&d=redirect.camfrog.com&u=DD5489D89D6991E43B3F014D7CB64C3D6&h=fe1c15abc993fb9470970178aaea63ea&t=false&r=0.11828235214863292
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jan 2022 20:40:22 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5873
date
Thu, 06 Jan 2022 19:02:29 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 06 Jan 2022 21:02:29 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 03:54:33 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
135916
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ojdR_7MSbrgnelgOjMSvlCNZJzOZOJyDA9WjtLC45h57b2pEZ_DE7Q==
logo.svg
www.camfrog.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.camfrog.com/images/logo.svg
Requested by
Host: www.camfrog.com
URL: https://www.camfrog.com/de/css/template_styles.css?v=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b2a2aa578be185064e781114ae29e5a9374bb25e6b11749bba3eec00dc4a18bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.camfrog.com/de/css/template_styles.css?v=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:22 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Sat, 09 Jun 2018 06:24:12 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5b1b728c-171d"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
max-age=259200, public
accept-ranges
bytes
content-length
5917
x-amz-cf-id
7dZ86Rsu4pfYa9ZdACOiQtUiOvYWbF4Gsdf3TnZZ1EAQipN6xStFHQ==
expires
Sun, 09 Jan 2022 20:40:22 GMT
social_icons.png
www.camfrog.com/images/social_buttons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.camfrog.com/images/social_buttons/social_icons.png?v=2
Requested by
Host: www.camfrog.com
URL: https://www.camfrog.com/de/css/template_styles_footer.css?v=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-78.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ef938f64ef799bdedd2e91a584faeb9f8445b856332a1ebf81f65a443498e489

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.camfrog.com/de/css/template_styles_footer.css?v=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:22 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2019 07:27:43 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5ce79cef-57c"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=259200, public
accept-ranges
bytes
content-length
1404
x-amz-cf-id
aolxfccPpx8rv22Is-jM6QHPlulTl8SK51TxuSED_xSAequdFSdrWw==
expires
Sun, 09 Jan 2022 20:40:22 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://redirect.camfrog.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options
nosniff
age
542900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 13:52:02 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=13846821&ns__t=1641501622239&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onl...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=13846821&ns__t=1641501622239&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.on...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=13846821&ns__t=1641501622239&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&c9=https%3A%2F%2Ffirsturl.de%2F
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:22 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
6rXuLyWJrvBG5phfaGijbfEHPH2mjlJYUjK2a3xO30ycE_-uFVpOSw==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 06 Jan 2022 20:40:22 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=13846821&ns__t=1641501622239&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fredirect.camfrog.com%2Fredirect%2F%3Fname%3DONLINECASINO%26url%3Dhttps%3A%2F%2Fwww.onlinecasino2go.com&c9=https%3A%2F%2Ffirsturl.de%2F
content-length
268
x-amz-cf-id
d343_3-FrIszL0rlAqAIldbNe_gLqct8WkaxJm0Uqyfw7T2_IDEPAA==
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:40:21 GMT
content-encoding
br
last-modified
Thu, 06 Jan 2022 13:15:35 GMT
server
gfra1
etag
"61d6eb77-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=208348543&utmhn=redirect.camfrog.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543&slf_rd=1&random=4130228525
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543&slf_rd=1&random=4130228525
Requested by
Host: redirect.camfrog.com
URL: https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://redirect.camfrog.com/redirect/?name=ONLINECASINO&url=https://www.onlinecasino2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jan 2022 20:40:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Jan 2022 20:40:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1870603-1&cid=2050902669.1641501622&jid=621404046&_v=5.7.2&z=208348543&slf_rd=1&random=4130228525
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| _vwo_code number| settings_timer number| _vwo_settings_timer number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb object| ___gcfg object| html object| body object| library_data function| getWindowSizes function| addEvent function| getScroll function| setScroll function| preventDefault object| Scroll function| redirectWithForm function| getRandomInt function| getObjectLength function| getArrayShuffle function| isArray function| isInteger function| isEmail function| isFloat function| issetParam function| addScript function| serializeParams function| AJAX function| getHashParams function| setHashParams function| smoothScrollTo object| MasonryTails function| getOs object| Cookie function| formatDate function| changeLang function| pageSwitcher object| _gaq object| _comscore function| setCookie function| udm_ object| ns_p object| COMSCORE function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| __nls object| _gat object| gaGlobal number| ___vwo

14 Cookies

Domain/Path Name / Value
firsturl.de/ Name: cookie_consent_level
Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
.camfrog.com/ Name: PHPSESSID
Value: 9t9g49bhmt69iqt1u5iu6j0qo6
.redirect.camfrog.com/ Name: _vwo_uuid_v2
Value: DD5489D89D6991E43B3F014D7CB64C3D6|fe1c15abc993fb9470970178aaea63ea
.camfrog.com/ Name: _vis_opt_s
Value: 1%7C
.camfrog.com/ Name: _vis_opt_test_cookie
Value: 1
.camfrog.com/ Name: _vwo_uuid
Value: DD5489D89D6991E43B3F014D7CB64C3D6
.camfrog.com/ Name: _vwo_sn
Value: 0%3A1
.scorecardresearch.com/ Name: UID
Value: 1D3433FRISZL0RLAQAILDBg1641501622
.redirect.camfrog.com/ Name: __utma
Value: 164933820.2050902669.1641501622.1641501622.1641501622.1
.redirect.camfrog.com/ Name: __utmc
Value: 164933820
.redirect.camfrog.com/ Name: __utmz
Value: 164933820.1641501622.1.1.utmcsr=firsturl.de|utmccn=(referral)|utmcmd=referral|utmcct=/
.redirect.camfrog.com/ Name: __utmt
Value: 1
.redirect.camfrog.com/ Name: __utmb
Value: 164933820.1.10.1641501622
.camfrog.com/ Name: _vwo_ds
Value: 3%3Aa_0%2Ct_0%3A0%241641501621%3A36.6550718%3A%3A%3A42_0%2C14_0%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dev.visualwebsiteoptimizer.com
firsturl.de
fonts.googleapis.com
fonts.gstatic.com
redirect.camfrog.com
sb.scorecardresearch.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.camfrog.com
www.google.com
www.google.de
www.gstatic.com
143.204.98.125
143.204.98.128
143.204.98.78
2606:4700:3032::6815:37b7
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9a
34.96.102.137
02745ba6f3906bb37a8cc42c120e2d9beef3ddc4570551f4460419c4748b2141
02c88bba01d0ab1525cb00d7909c910375e7b2f1ccdbe1e62a9221dfbb44ccb5
02fea9181433d073de2c559eeb99b916b4498124c46788b5cb9be0e692251104
04c6b2d6f35c6fec594184f59a019a1611c7f179e94abb1535d11e4368ed5f29
04de5f97e3a9f20c3cd0cf447e4b83a9637473c6ec2f0240b8d4df4f4b3fdb8c
0df3b4593c5eb2615806c8a56e963b1a19a72e03af86973b1e762e749ade03f1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
136dbde116bc44d6108c5792b99972ec87118e215d51515ec06821f2588eebb0
196dbd9bbb848910c88bc9a19a3bcc85fb3d97ae6d673a77f37a6ecbf398c868
24aba94849b63efccecdb133df76b1e5e64b76ab8d93db0b56cf21b55ba2c311
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
3e1a31272f27e436fed627d2a4b5b471c55dfad901b17c93aa1e787a272f0930
56314d3b00cd6a086015b7aff3012e76834489cb56f6ca8622c1fa7cdbafa92a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8cbd246e3c6473e7a092ad1c202fa0ed50c2fafac6ee80b8295a3ba2982d6ec6
9b82fdea7d95532bc88ed7e923495347258dc93310725e4bc7b78b35ba320eb2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a68514067b7f42d4d6eff1a2c0e9c89c806d30a263459e57e956775efdd55882
ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4
b2a2aa578be185064e781114ae29e5a9374bb25e6b11749bba3eec00dc4a18bc
c36672734eb354012ec579c10e879ecf0e25dbcb2c0281bad87a94ed332698d4
d6b1ee1113df9181d66452fe3899f280e9bd174ba6b3d277d6b93474e867d510
d81c5fe0ec47980392218e611e2a8aa6f6046554387b40e0096acfad7d544651
d9f72244ddff57f17896946b0a7ecea565d9bade54b6319f5e639b5e01126aac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ed6f77c097f0236a46fd7747f6665e7ae54f7ecc95e20f1b16db71affa3799d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef938f64ef799bdedd2e91a584faeb9f8445b856332a1ebf81f65a443498e489
f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537
fb85cc6abeebb039382a10e65de110ac6c444101a4fc219fb63b884fb13f0ca1