Submitted URL: http://cormail.duckdns.org/rd/c578aXmyG22634XZyo750999fhb153bxBE147
Effective URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Submission: On December 23 via manual from IN

Summary

This website contacted 30 IPs in 8 countries across 24 domains to perform 68 HTTP transactions. The main IP is 107.178.254.45, located in United States and belongs to GOOGLE, US. The main domain is casino.hopa.com.
TLS certificate: Issued by R3 on December 5th 2020. Valid for: 3 months.
This is the only time casino.hopa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain | Requested by
10 v.fastcdn.co | casino.hopa.com
6 data.ad-score.com | js.ad-score.com
5 g.fastcdn.co | casino.hopa.com
4 www.facebook.com | casino.hopa.com
4 fonts.gstatic.com | fonts.googleapis.com
3 app.adoric-om.com | 86519160.adoric-om.com
3 connect.facebook.net | cormail.duckdns.org, connect.facebook.net
3 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
3 fonts.googleapis.com | casino.hopa.com, 86519160.adoric-om.com
2 bam.nr-data.net | js-agent.newrelic.com
2 ec.instapagemetrics.com | cdn.instapagemetrics.com
2 my.rtmark.net | www.googletagmanager.com
2 geoip-db.com | code.jquery.com
2 heatmap-events-collector.instapage.com | casino.hopa.com, heatmap-events-collector.instapage.com
2 cormail.duckdns.org | 1 redirects
1 gcpstatic.adoric.com |
1 js-agent.newrelic.com | info.hopa.com
1 stats.g.doubleclick.net | www.google-analytics.com
1 gum.criteo.com | static.criteo.net
1 sslwidget.criteo.com | static.criteo.net
1 static.adoric.com | 86519160.adoric-om.com
1 js.ad-score.com | casino.hopa.com
1 86519160.adoric-om.com | cormail.duckdns.org
1 static.criteo.net | www.googletagmanager.com
1 info.hopa.com | casino.hopa.com
1 anthill.instapage.com | casino.hopa.com
1 www.googletagmanager.com | casino.hopa.com
1 cdn.instapagemetrics.com | casino.hopa.com
1 code.jquery.com | casino.hopa.com
1 casino.hopa.com | cormail.duckdns.org
1 trafficgridmedia.go2cloud.org | 1 redirects
1 www.lls2strk.com | 1 redirects
68 32
Subject | Issuer | Validity | Valid
casino.hopa.com | R3 | 2020-12-05 - 2021-03-05 | 3 months
g.fastcdn.co | GTS CA 1D2 | 2020-11-27 - 2021-02-25 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year
v.fastcdn.co | DigiCert SHA2 Secure Server CA | 2020-05-05 - 2022-07-14 | 2 years
heatmap-events-collector.instapage.com | Let's Encrypt Authority X3 | 2020-10-29 - 2021-01-27 | 3 months
cdn.instapagemetrics.com | GTS CA 1D2 | 2020-12-09 - 2021-03-09 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
anthill.instapage.com | Let's Encrypt Authority X3 | 2020-11-14 - 2021-02-12 | 3 months
*.hopa.com | Sectigo RSA Domain Validation Secure Server CA | 2020-12-03 - 2021-12-03 | a year
geoip-db.com | Let's Encrypt Authority X3 | 2020-11-27 - 2021-02-25 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2020-11-17 - 2021-02-14 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-11-02 - 2021-01-30 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2020-10-27 - 2021-11-26 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-02 - 2021-10-02 | a year
*.ad-score.com | Go Daddy Secure Certificate Authority - G2 | 2020-09-02 - 2021-10-04 | a year
*.adoric.com | Let's Encrypt Authority X3 | 2020-10-12 - 2021-01-10 | 3 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2020-11-17 - 2021-02-14 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-12-17 - 2021-05-07 | 5 months
ec.instapagemetrics.com | R3 | 2020-12-20 - 2021-03-20 | 3 months
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 4 frames:

Primary Page: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Frame ID: 1ADA25A63A18D72630DADDD7B50E4DEB
Requests: 64 HTTP requests in this frame

Frame: https://info.hopa.com/visit.aspx?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559&gameverticalid=246
Frame ID: 8219B9BB6E56B7D86484B8CB364EB971
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=casino.hopa.com
Frame ID: 06B9AC1E4AB98C5EE3D43DEA5E36351F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 06002CDB18C1E1C28167B8351F29D874
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 68
HTTPS: 97 %
IPv6: 48 %
Domains: 24
Subdomains: 32
IPs: 30
Countries: 8
Transfer: 1223 kB
Size: 2571 kB
Cookies: 25

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cormail.duckdns.org/rd/c578aXmyG22634XZyo750999fhb153bxBE147 Page URL
  2. http://cormail.duckdns.org/track/c578aXmyG22634XZyo750999fhb153bxBE147 HTTP 302
    https://www.lls2strk.com/226CHGS/69R38WF/?sub1=7&sub2=147-578&sub3=22634-750999-153 HTTP 302
    https://trafficgridmedia.go2cloud.org/aff_c?offer_id=138&aff_id=1101&&aff_sub=af32001e29374ea89087f9aa339e31e6&aff_sub2=7&aff_sub3=643 HTTP 302
    https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c578aXmyG22634XZyo750999fhb153bxBE147
cormail.duckdns.org/rd/
231 B
348 B
Document
General
Full URL
http://cormail.duckdns.org/rd/c578aXmyG22634XZyo750999fhb153bxBE147
Protocol
HTTP/1.1
Server
178.170.122.97 , France, ASN21409 (IKOULA, FR),
Reverse DNS
ik122097.ikexpress.com
Software
/
Resource Hash
713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420

Request headers

Host
cormail.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html; charset=utf-8
Date
Wed, 23 Dec 2020 13:24:50 GMT
Content-Length
231
Primary Request /
casino.hopa.com/gonzo/
Redirect Chain
  • http://cormail.duckdns.org/track/c578aXmyG22634XZyo750999fhb153bxBE147
  • https://www.lls2strk.com/226CHGS/69R38WF/?sub1=7&sub2=147-578&sub3=22634-750999-153
  • https://trafficgridmedia.go2cloud.org/aff_c?offer_id=138&aff_id=1101&&aff_sub=af32001e29374ea89087f9aa339e31e6&aff_sub2=7&aff_sub3=643
  • https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
74 KB
14 KB
Document
General
Full URL
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Requested by
Host: cormail.duckdns.org
URL: http://cormail.duckdns.org/rd/c578aXmyG22634XZyo750999fhb153bxBE147
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.178.254.45 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.254.178.107.bc.googleusercontent.com
Software
openresty / Express
Resource Hash
255b7f89023d7350f8c1aaf56e8e016d4d2b582c1b08d9eec80e44496f429678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
casino.hopa.com
:scheme
https
:path
/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://cormail.duckdns.org/rd/c578aXmyG22634XZyo750999fhb153bxBE147
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
openresty
date
Wed, 23 Dec 2020 13:25:19 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
access-control-allow-origin
*
etag
W/"12799-85GRGc14BzKWgK4FcO96FygRjSs"
vary
Accept-Encoding
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

Server
nginx
Date
Wed, 23 Dec 2020 13:25:19 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
300
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Set-Cookie
enc_aff_session_138=ENC039d8c41eacbb34cb06b11efb7e1bb7a737dc4cac176b6c99a76221f33633ed0e84a4a2950b0a7f6969d0dac6218efaa96cf9731211fb38a48a74fb26c33be84c203c803c25478c8e9ed2dd2fb87930209ec34f70a2651d2cba04f100ea9770e53e50cebcde71ec97c4ce00f4f12b55831d3207974ed0345e14a74bb63a97ff2337930485e41ea0df69436f7c7bce932b2c56aee831d88fd7ba4f098b771592090a807e03c599e70dc33bab6caaea6c45a26cc8c64be3060d05852e1798e058e52c3eab97a125a8b95262220eb1c00adf33031a5ede51ca439e674d3f0bcd5a3e3188e3d50; expires=Sat, 23 Jan 2021 13:25:19 GMT; path=/; SameSite=None; Secure ho_mob=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; expires=Sat, 18 Nov 2023 00:05:19 GMT; path=/; SameSite=None; Secure
Tracking_id
102625792ae6112b0ae1d244e53559
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
dfa852184bfe5c915e3fd86beb640e08
Access-Control-Allow-Headers
Tune-SDK-Version
utils.c184de99dc0ba5f0021e.js
g.fastcdn.co/js/
47 KB
16 KB
Script
General
Full URL
https://g.fastcdn.co/js/utils.c184de99dc0ba5f0021e.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eeca3b6c9a50c2313fa01184856857911dce5be863c0e990b1c047b5f9b59084

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 23:46:13 GMT
content-encoding
gzip
age
1085946
x-guploader-uploadid
ABg5-Uwe6c-Gwj2JvsyQmO-TqhoKxYoSQ8kLPzeQrFgBATYEv2ujGNPsXdSJFpffHWFOgiFQa5PR9wy7Tm55WLJac_MtVhJ1sw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
15992
last-modified
Thu, 10 Dec 2020 16:16:01 GMT
server
UploadServer
etag
"594835f43fe409a3a2e9108bd63ed54e"
vary
Accept-Encoding
x-goog-hash
crc32c=o+dE+A==, md5=WUg19D/kCaOi6RCL1j7VTg==
x-goog-generation
1607616961575016
cache-control
public, max-age=31536000
x-goog-stored-content-length
15992
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 10 Dec 2021 23:46:13 GMT
Cradle.e4698f9c97fc4b021e43.js
g.fastcdn.co/js/
16 KB
5 KB
Script
General
Full URL
https://g.fastcdn.co/js/Cradle.e4698f9c97fc4b021e43.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e79cc8e19c50e82551c15d5bed757fa9e8d4002793ce9b5bf501de57551af1bc

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 01:24:47 GMT
content-encoding
gzip
age
1166432
x-guploader-uploadid
ABg5-UwFXot38SmP1ERvkVQJC7p1xcAtOu92qenp0iuZ93kiQCiKigJkLBIIQw4WPLLITNTTxFjJWhwLLQg0e1Jxuu4cLxn7Qw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
4801
last-modified
Thu, 10 Dec 2020 00:20:49 GMT
server
UploadServer
etag
"734e394dbdd426c6fa829c54ed267634"
vary
Accept-Encoding
x-goog-hash
crc32c=WktD+w==, md5=c045Tb3UJsb6gpxU7SZ2NA==
x-goog-generation
1607559649574275
cache-control
public, max-age=31536000
x-goog-stored-content-length
4801
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 10 Dec 2021 01:24:47 GMT
LazyImage.5c22b33358ebb526e37b.js
g.fastcdn.co/js/
3 KB
2 KB
Script
General
Full URL
https://g.fastcdn.co/js/LazyImage.5c22b33358ebb526e37b.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7a69efa7f043d1309d50f5d70776d810d4cd44833f5275f9753b8a3384cf8e50

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 09:14:49 GMT
content-encoding
gzip
age
2261430
x-guploader-uploadid
ABg5-UxrLng_Z63ijPLLQ7X073lEX95k3MZp0JLF8EwyyjGqYtSMvam7aEmAONAdc2uhgOi-xSsVIZZWcthem_vB06I
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
1564
last-modified
Thu, 26 Nov 2020 22:05:55 GMT
server
UploadServer
etag
"84bcc7a8bc9590da263d48ca3f75b2c2"
vary
Accept-Encoding
x-goog-hash
crc32c=n9dmLA==, md5=hLzHqLyVkNomPUjKP3Wywg==
x-goog-generation
1606428355595309
cache-control
public, max-age=31536000
x-goog-stored-content-length
1564
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 27 Nov 2021 09:14:49 GMT
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 12:19:15 GMT
server
ESF
date
Wed, 23 Dec 2020 13:25:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Dec 2020 13:25:19 GMT
LegacyVendors.d341954906ae69acee39.js
g.fastcdn.co/js/
95 KB
33 KB
Script
General
Full URL
https://g.fastcdn.co/js/LegacyVendors.d341954906ae69acee39.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
95bdb8a3cd90e91621c9e68d4b157dd7fedab021ee89e9e173d17f93f0f03305

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 22:41:24 GMT
content-encoding
gzip
age
1781035
x-guploader-uploadid
ABg5-Uy0EDSZ2L5EhvxoipMGI2gUYL3qZmm0ezmhfyWwOVQE4ST26pngfApu8XvC8ET5EkEaRaB1lpjGpK3aNWIrqAmCO4y_7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
33710
last-modified
Tue, 01 Dec 2020 07:48:03 GMT
server
UploadServer
etag
"fc551ad7e347bf019785e719fab1ba31"
vary
Accept-Encoding
x-goog-hash
crc32c=MgUolg==, md5=/FUa1+NHvwGXhecZ+rG6MQ==
x-goog-generation
1599031844145938
cache-control
public, max-age=31536000
x-goog-stored-content-length
33710
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Dec 2021 22:41:24 GMT
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://casino.hopa.com
Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1608729919.dop151.fr8.t,1608729919.cds268.fr8.hn,1608729919.cds261.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
50452405-0-18-white-on-black.png
v.fastcdn.co/u/96ab1cdb/
153 KB
154 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/50452405-0-18-white-on-black.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7A) /
Resource Hash
50ba87a0816d3ece6c2f303be0cd1639ca1708b775c792617fa03857f1bb93b5

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
156574
age
19146883
x-guploader-uploadid
AAANsUlOeumWILxin2_M3qNfuUE6I2SHaLCCiZjWWBmJ_lBStvh7f9LcifN6SEsTqO9M3VFZG-1Rc2QvWhNmKIyDL3M
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Fri, 11 Jun 2021 03:21:16 GMT
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156574
last-modified
Mon, 20 Apr 2020 11:21:16 GMT
server
ECS (amb/6B7A)
etag
"113e477ad129c338b98bebe800d1fafd"
x-goog-hash
crc32c=DhnNDQ==, md5=ET5HetEpwzi5i+voANH6/Q==
content-type
image/png
x-goog-generation
1587381676845972
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
49940535-0-itech-labs.png
v.fastcdn.co/u/96ab1cdb/
6 KB
7 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/49940535-0-itech-labs.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7D) /
Resource Hash
df72ae5de8dd84fc32a175f2c75fee936c8f109f01654d977a25de4a0c4ae5e9

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
6262
age
21196015
x-guploader-uploadid
AAANsUmaa3kvdZJSY1of2C1-iGzyuhnZu1Zz8iUVJMdVRlVfQI792T1guWUVy_x6DyectV2IOIFXGR7uMEs3GXpozJuAuoVLXg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sun, 16 May 2021 13:07:58 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
6262
last-modified
Wed, 25 Mar 2020 21:07:58 GMT
server
ECS (amb/6B7D)
etag
"34f6b424c9a7ce57fcdcebd7526b4d94"
x-goog-hash
crc32c=M4K3vQ==, md5=NPa0JMmnzlf83OvXUmtNlA==
content-type
image/png
x-goog-generation
1585170478269841
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
49940500-0-gambleranonimous.png
v.fastcdn.co/u/96ab1cdb/
6 KB
6 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/49940500-0-gambleranonimous.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9E) /
Resource Hash
ecc4a240d640aa546ed577b0a97d9bb8090fc8d681bdd913c2e396a1005e7e7f

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
5830
age
23006651
x-guploader-uploadid
AEnB2UrCcRnM2-tJFMXX8zd3a8p3lucGefNMiBe8OmLALTq0KbeQlMT10iPh7pkFmud_szkcH-iZ79GxwCTIjn1YgJIWD8s8Lvbm-ZHmxbtoj76AgXhp9V4
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sun, 16 May 2021 13:07:16 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5830
last-modified
Wed, 25 Mar 2020 21:07:16 GMT
server
ECS (amb/6B9E)
etag
"681207b470158a0f3f86b5bc6aa760e3"
x-goog-hash
crc32c=a66HCw==, md5=aBIHtHAVig8/hrW8aqdg4w==
content-type
image/png
x-goog-generation
1585170436901259
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
49940525-0-gamstop.png
v.fastcdn.co/u/96ab1cdb/
2 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/49940525-0-gamstop.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B95) /
Resource Hash
3e04d8972efef052662457966b5c4323d768f7635cf93c8f9a864dd50de2194f

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
2098
age
21091150
x-guploader-uploadid
AAANsUkINmhPBGm6B7RlOIVCJrirg0yDciXal-yaZcSA3SCT7dPf9FDxHNgYVmNdJxYC9CJoIxlbaJQ16w0z-j3o71A
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sun, 16 May 2021 13:07:58 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2098
last-modified
Wed, 25 Mar 2020 21:07:58 GMT
server
ECS (amb/6B95)
etag
"8f25deaa5ca03b928012e7f20983f7b6"
x-goog-hash
crc32c=zggMJg==, md5=jyXeqlygO5KAEufyCYP3tg==
content-type
image/png
x-goog-generation
1585170478276848
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
lib.js
heatmap-events-collector.instapage.com/static/
24 KB
9 KB
Script
General
Full URL
https://heatmap-events-collector.instapage.com/static/lib.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.222.120.150 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
150.120.222.35.bc.googleusercontent.com
Software
/
Resource Hash
9f4331078abd467835bcf0b2367872f497045d37ebfb32fe7d9f82cf6843d282
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
strict-transport-security
max-age=315360000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 10 Dec 2020 09:38:33 GMT
x-frame-options
SAMEORIGIN
date
Wed, 23 Dec 2020 13:25:20 GMT
expect-ct
max-age=0
vary
Accept-Encoding, Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
cache-control
public, must-revalidate, public
access-control-allow-credentials
true
accept-ranges
bytes
expires
Wed, 23 Dec 2020 13:30:20 GMT
it.js
cdn.instapagemetrics.com/t/js/
111 KB
33 KB
Script
General
Full URL
https://cdn.instapagemetrics.com/t/js/it.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.27.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.27.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07719ec79181a87caf2cb7ea5bd35945a3e9f46cc41b6917775ef096b76929d2

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwdavJFlhHLEkfy1_HlGsL3fDy6iwuWWSNedDN_60vP0ShOSM5yXsBJi3WNIDefupTCIZ5MiJ_j3coqpteta9U
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
x-goog-meta-tracker-version
2.15.0
alt-svc
clear
content-length
33128
last-modified
Mon, 24 Aug 2020 17:06:45 GMT
server
UploadServer
etag
"318e77f6c3e7c333b55428540c33901b"
x-goog-hash
crc32c=KvIaMQ==, md5=MY539sPnwzO1VChUDDOQGw==
x-goog-generation
1598288805406309
cache-control
no-transform
x-goog-stored-content-length
33128
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 23 Dec 2021 13:25:19 GMT
sptw.js
g.fastcdn.co/js/
8 KB
3 KB
Script
General
Full URL
https://g.fastcdn.co/js/sptw.js
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1abbc438ccbec177464379a4522e624d4a7746eea304c7ac202728c80ebcccd4

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 12:15:40 GMT
content-encoding
gzip
age
1213779
x-guploader-uploadid
ABg5-UwfWw0yz25s2CUPCWXX2qHqueI0ybo3nbS2XXEvBfeqjy8oBjv4tFSlrBiTb61qekGlsEpyr3MS4tA6ZzJ1ko8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
2834
last-modified
Wed, 09 Dec 2020 12:14:49 GMT
server
UploadServer
etag
"6db7500c6576046eb988802b0f231171"
vary
Accept-Encoding
x-goog-hash
crc32c=cwoqgg==, md5=bbdQDGV2BG65iIArDyMRcQ==
x-goog-generation
1607516089022452
cache-control
public, max-age=31536000
x-goog-stored-content-length
2834
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 09 Dec 2021 12:15:40 GMT
gtm.js
www.googletagmanager.com/
131 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b389cd55d189f6467d66250cf29623012d7457590ce86c850cfaa3495b6f6a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46396
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Dec 2020 13:25:19 GMT
50450095-0-hopa-logo-white.png
v.fastcdn.co/u/96ab1cdb/
25 KB
25 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/50450095-0-hopa-logo-white.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8F) /
Resource Hash
bc269ae5f6b057d284ecedf748f59ce28019c59ec70beea491e4af40a32a89b9

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
25116
age
19146883
x-guploader-uploadid
AAANsUk0_agL5vSWUd1X9N528v-pG3TpB4GUGbPTTKPkwftACYVslPjN1UyOc5zXg874KfIwXvbjCrGUB3OBTCXm7w
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Fri, 11 Jun 2021 01:34:37 GMT
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25116
last-modified
Mon, 20 Apr 2020 09:34:37 GMT
server
ECS (amb/6B8F)
etag
"45c94b11ef336694f5959647f4a52e8b"
x-goog-hash
crc32c=xH+cwQ==, md5=RclLEe8zZpT1lZZH9KUuiw==
content-type
image/png
x-goog-generation
1587375277104259
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
50450060-0-gonzo.jpg
v.fastcdn.co/u/96ab1cdb/
376 KB
377 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/50450060-0-gonzo.jpg
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA5) /
Resource Hash
e7e0925329aa5c36b7fdb41d1244e98753d2289779e8ac4ed7ecee552f9bcd50

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
385272
age
14065198
x-guploader-uploadid
AAANsUnF8TQXS2IXfqQwihGmr_z-nmgJGQEuqwUzFqZiOICHa177HLKmZxP_bYLp-ahrKtSBGE6IGAYO65zCw_5Q7zjwmhVN8A
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Fri, 11 Jun 2021 01:32:33 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
385272
last-modified
Mon, 20 Apr 2020 09:32:34 GMT
server
ECS (amb/6BA5)
etag
"0f122434a7cd4042a8fd34700d0b1994"
x-goog-hash
crc32c=VZTyNw==, md5=DxIkNKfNQEKo/TRwDQsZlA==
content-type
image/jpeg
x-goog-generation
1587375154020537
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
50197155-0-ww.png
v.fastcdn.co/u/96ab1cdb/
38 KB
38 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/50197155-0-ww.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB4) /
Resource Hash
fa3c5940af7bceee6a0ce9bc97d7ca6a2e84e95ce92e4b029bc6edec8d365514

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
38724
age
21195168
x-guploader-uploadid
AAANsUmctdsnUoMzFTRUcpKyIk1nhBzPG8XUwhy-Bon_h5lCSeQRkkk6jm4Nrs-Wh-drFL2LXV97aKyzVYX9HMHicEY
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sat, 29 May 2021 02:16:39 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
38724
last-modified
Tue, 07 Apr 2020 10:16:40 GMT
server
ECS (amb/6BB4)
etag
"7ced2b305a7dc9608212f720b1132239"
x-goog-hash
crc32c=V6y1Bg==, md5=fO0rMFp9yWCCEvcgsRMiOQ==
content-type
image/png
x-goog-generation
1586254600046964
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
50197150-0-mga.png
v.fastcdn.co/u/96ab1cdb/
5 KB
5 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/50197150-0-mga.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC5) /
Resource Hash
2ecdf7f08ba253a93b2a0993ed08f294ed8779a8fb7d2159a82c1b4c08ab2d3d

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
5091
age
21091150
x-guploader-uploadid
AAANsUkxJlJdpm5f-y0wVUKu2L0u47XbIepiSx1pDw4RVzLu-QQEcgMszjMHxEruDbN2DdevGpuLGpeXRcqpqL7sfSea48u_ow
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sat, 29 May 2021 02:16:39 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5091
last-modified
Tue, 07 Apr 2020 10:16:39 GMT
server
ECS (amb/6BC5)
etag
"6a890aaee5ac9a8fca5478d09366237f"
x-goog-hash
crc32c=efBesw==, md5=aokKruWsmo/KVHjQk2Yjfw==
content-type
image/png
x-goog-generation
1586254599992155
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
50502185-0-gamble-aware-1.png
v.fastcdn.co/u/96ab1cdb/
3 KB
3 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/50502185-0-gamble-aware-1.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B91) /
Resource Hash
b0f6d50ce96c4ef1499ed60917580d11591e34e63d2c3821e8722dafa32d551c

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
2925
age
19146883
x-guploader-uploadid
AAANsUkxnKnOSeRAg1l6LUE_VuSrSrg7GahGwZBy_wGRS8V1L2rC6Ub6VJjJIolrMBqB4rUUmh0k50hV52V_d-VCLA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sun, 13 Jun 2021 04:09:41 GMT
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2925
last-modified
Wed, 22 Apr 2020 12:09:41 GMT
server
ECS (amb/6B91)
etag
"ebee517b6c01aaa02f62a4fd67aebe9b"
x-goog-hash
crc32c=PksjOQ==, md5=6+5Re2wBqqAvYqT9Z66+mw==
content-type
image/png
x-goog-generation
1587557381133273
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
50497240-0-gamecare.png
v.fastcdn.co/u/96ab1cdb/
1 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/u/96ab1cdb/50497240-0-gamecare.png
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAC) /
Resource Hash
7aedb6b4a2412fe835ba86dc0f2b671e21f4dbade89e03ac780e25ee9f22adf1

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
x-goog-stored-content-length
1400
age
19146883
x-guploader-uploadid
AAANsUnulsCdoYPcrEtMaHXvkHOexhUftpkh8VtRcB71dLyHs0HYKRWY4VO0I48eRSyFtyiP7vBIfUH6mdFLMYUnb_2FUxCZJw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sat, 12 Jun 2021 23:26:53 GMT
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1400
last-modified
Wed, 22 Apr 2020 07:26:53 GMT
server
ECS (amb/6BAC)
etag
"904d25603e6c4b6fb97bfbf9b564d76d"
x-goog-hash
crc32c=kZhggA==, md5=kE0lYD5sS2+5e/v5tWTXbQ==
content-type
image/png
x-goog-generation
1587540413738955
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
expires
Thu, 23 Dec 2021 13:25:19 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://casino.hopa.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 11:36:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
438507
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 18 Dec 2021 11:36:52 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://casino.hopa.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 16:31:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
420854
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 18 Dec 2021 16:31:05 GMT
visit
anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/
35 B
293 B
Image
General
Full URL
https://anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/visit?api_key=00c50009dd470c2934de67d21c220c8607de29845aa209eeeaedd41891b45d95f499320f48d6818179af5815c8ddf28575ef913820782b701d423b130a22021f874820b9c7b91791633df78f2d88a52579febe9a48c9a10c6bbc68d40b4b1a5e44e415e8ae95955e55b421622b740912959014e83fe68aa4b57f25d3516b110a9f4d5a8ceb3e2d2d97b4cbe7ad581160&data=eyJwYWdlX3VybCI6Imh0dHBzOi8vY2FzaW5vLmhvcGEuY29tL2dvbnpvLz9hZmk9Mjg2NDUmYXI9MTEwMSZtbWk9NTg2NDImcGFyPSZnY2xpZD0xMDI2MjU3OTJhZTYxMTJiMGFlMWQyNDRlNTM1NTkiLCJvd25lcl9pZCI6MzcxMzI2MCwiY3VzdG9tZXJfaWQiOjQwOTYxMDAsInBhZ2VfaWQiOjIwMzQ5NDAwLCJwdWJsaXNoZWRfdmVyc2lvbiI6MywidmFyaWF0aW9uX25hbWUiOiJBIiwidmFyaWF0aW9uX2lkIjoxLCJsaW5rZWRfdmFyaWF0aW9uX2lkIjoyLCJ2YXJpYXRpb24iOiJBIiwicXVhbnRpdHkiOjEsImluaXRpYWxfcmVzcG9uc2l2ZV9tb2RlIjpudWxsLCJzdGF0aWNfcGFnZSI6ZmFsc2UsImphdmFzY3JpcHQiOnRydWUsInZpZXdwb3J0X2hlaWdodCI6MTIwMCwidmlld3BvcnRfd2lkdGgiOjE2MDAsImNhbXBhaWduX2lkIjpmYWxzZSwiYWRfaWQiOmZhbHNlLCJjYW1wYWlnbl9zb3VyY2UiOmZhbHNlLCJ2aXNpdGVkIjowLCJyZXNwb25zaXZlX21vZGUiOm51bGwsInJlZiI6Imh0dHA6Ly9jb3JtYWlsLmR1Y2tkbnMub3JnL3JkL2M1NzhhWG15RzIyNjM0WFp5bzc1MDk5OWZoYjE1M2J4QkUxNDcifQ==&t=1608729919894
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.222.120.150 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
150.120.222.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
referrer-policy
same-origin
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains
vary
Accept-Encoding, Origin
content-length
35
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
visit.aspx
Cookie set
info.hopa.com/ Frame 8219
9 KB
6 KB
Document
General
Full URL
https://info.hopa.com/visit.aspx?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559&gameverticalid=246
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.129.34.40 , Israel, ASN20521 (ASN-BELLNET, MT),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5d4db1d4e9a324cabbd0ac9bf2f5e72f332b8c29cd6a7edd1c3a1e67e699466f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
info.hopa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=y3soiwsbakvxwpzptznfiwgx; path=/; secure; HttpOnly; SameSite=Lax
LanguageCode=ENG; domain=info.hopa.com; expires=Sat, 23-Dec-2023 13:25:20 GMT; path=/; secure
CSI_4=EncryptedUniqueVisitorID=5CBB4F010179D7827BACCCA8EF32DA4D&AffiliateID=28645&MarketingMaterialID=58642&LastUpdate=2020-12-23&AlternateReference=1101&PlayerAlternateReference=&gclid=102625792ae6112b0ae1d244e53559&LandingPageReference=&GameVerticalID=246; domain=info.hopa.com; expires=Sun, 23-Dec-2040 13:25:20 GMT; path=/; secure
GameVerticalID=246; domain=Hopa.com; expires=Tue, 23-Mar-2021 13:25:20 GMT; path=/; secure
AffiliateID=28645; domain=Hopa.com; expires=Sat, 23-Jan-2021 13:25:20 GMT; path=/; secure
MarketingMaterialID=58642; domain=Hopa.com; expires=Tue, 23-Mar-2021 13:25:20 GMT; path=/; secure
PlayerAlternateReference=; domain=Hopa.com; expires=Tue, 23-Mar-2021 13:25:20 GMT; path=/; secure
AlternateReference=1101; domain=Hopa.com; expires=Tue, 23-Mar-2021 13:25:20 GMT; path=/; secure
gclid=102625792ae6112b0ae1d244e53559; domain=Hopa.com; expires=Tue, 23-Mar-2021 13:25:20 GMT; path=/; secure
UniqueVisitorID=5CBB4F010179D7827BACCCA8EF32DA4D; domain=Hopa.com; expires=Tue, 23-Mar-2021 13:25:20 GMT; path=/; secure
CountryCode=NL; domain=info.hopa.com; expires=Sat, 23-Dec-2023 13:25:20 GMT; path=/; secure
RegistrationMode=M; domain=info.hopa.com; expires=Sat, 23-Dec-2023 13:25:20 GMT; path=/; secure
BO=; domain=info.hopa.com; expires=Sat, 23-Dec-2023 13:25:20 GMT; path=/; secure
CSITemp=4; domain=info.hopa.com; path=/; secure
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
X-Powered-By
ASP.NET
Date
Wed, 23 Dec 2020 13:25:19 GMT
Content-Length
4507
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=16070400
/
geoip-db.com/json/
171 B
274 B
XHR
General
Full URL
https://geoip-db.com/json/
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.99.135.134 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5b1f354b2759e66670f229067f2107d8fb94bd36157549cb8cf597a40eaa4b9f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 23 Dec 2020 13:25:19 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
/
geoip-db.com/json/
171 B
275 B
XHR
General
Full URL
https://geoip-db.com/json/
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.99.135.134 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5b1f354b2759e66670f229067f2107d8fb94bd36157549cb8cf597a40eaa4b9f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 23 Dec 2020 13:25:19 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5685
date
Wed, 23 Dec 2020 11:50:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 23 Dec 2020 13:50:34 GMT
ld.js
static.criteo.net/js/ld/
36 KB
12 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 13:03:43 GMT
server
nginx
etag
W/"5f5f6a2f-90a2"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 24 Dec 2020 13:25:20 GMT
fbevents.js
connect.facebook.net/en_US/
90 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cormail.duckdns.org
URL: http://cormail.duckdns.org/rd/c578aXmyG22634XZyo750999fhb153bxBE147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23470
x-fb-rlafr
0
pragma
public
x-fb-debug
syHhY93NyvCa9oBRRPTKFrvmNfMcXsvzt3vA7D0IV8KS0dSblIaRO4PwdSUUd1iat7rd7EEUZ64hWKaH/VC3Bg==
x-fb-trip-id
436667874
x-frame-options
DENY
date
Wed, 23 Dec 2020 13:25:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
p.js
my.rtmark.net/
697 B
1 KB
Script
General
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.25 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
41e0b29f30f7a6b6012cbc6f0258926d6a7eddc489e4853d9df26adf783f3f8f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 23 Dec 2020 13:25:19 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
697
adoric.js
86519160.adoric-om.com/
137 KB
36 KB
Script
General
Full URL
https://86519160.adoric-om.com/adoric.js
Requested by
Host: cormail.duckdns.org
URL: http://cormail.duckdns.org/rd/c578aXmyG22634XZyo750999fhb153bxBE147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61132027c344e877421f12d8940982def10bb11da9e8cd9d2c5d688023a4c456
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:19 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
423
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-ray
6062686fcb661e47-FRA
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2239f-5GyGb7SRc/pRTfdE2mcpIt0U4xk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oFvQeQoCL4Cw2YRw1bnL0SQvB6OON06z4yRgWGTvYhHWOWfz%2FSyNI4GO8h9a6r%2FzN0xH1QHwLqK0kXKh0yk%2FDzyFXa%2BK7ceitFA7DQcKgFtJNRgjU%2FKqadTdpZmaFMluC6nQ"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
movetogcp2020.com
cache-control
public, max-age=14400
access-control-allow-credentials
*
cf-request-id
07315f99e100001e470a369000000001
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
score.min.js
js.ad-score.com/
297 KB
102 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000211
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:e200:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dd5ea2fbcba54d080b73e9926184c5d6cf751dbf151110c312a96b44980f7306

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 22 Dec 2020 16:15:17 GMT
Content-Encoding
gzip
Age
76203
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue, 22 Dec 2020 16:15:17 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
AMS54-C1
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
gjS9mq9VxTZ-5XEp9tcBfvJu_q3AxM215XpgwxqKhEbXhqvN2QIMog==
Expires
Wed, 23 Dec 2020 16:15:17 GMT
collect
www.google-analytics.com/j/
2 B
387 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1889015429&t=pageview&_s=1&dl=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559&dr=http%3A%2F%2Fcormail.duckdns.org%2Frd%2Fc578aXmyG22634XZyo750999fhb153bxBE147&ul=en-us&de=UTF-8&dt=Gonzo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAgC~&jid=774819234&gjid=1901017439&cid=830615656.1608729920&tid=UA-85369190-1&_gid=65569357.1608729920&_r=1&gtm=2wgbu0KD944MM&cd1=28645&cd2=1101&cd3=&cd4=102625792ae6112b0ae1d244e53559&cd5=58642&z=872774392
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Dec 2020 13:25:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://casino.hopa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1680136742252975
connect.facebook.net/signals/config/
239 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1680136742252975?v=2.9.31&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06dcae7076c11dd56751a28a7f52a8b87bfadb6ed0f50af7e1f874bff6a1e6dc
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70346
x-fb-rlafr
0
pragma
public
x-fb-debug
Z8wzIVDW0rMYLG4Omtx2SokM5i998Rozchn0dzGAUHtNJZDigClaE5gwo4NddnxPElOAfbbCfBmvlIH+9gh9VA==
x-fb-trip-id
436667874
x-frame-options
DENY
date
Wed, 23 Dec 2020 13:25:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
410781655
expires
Sat, 01 Jan 2000 00:00:00 GMT
adoric.v4.min.css
static.adoric.com/
162 KB
13 KB
Stylesheet
General
Full URL
https://static.adoric.com/adoric.v4.min.css
Requested by
Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.123.171 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.123.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f99cdcccb416b99f0826760b0f50e722bbba82d5290f97b6ffb4605249d9580f

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 12:34:01 GMT
content-encoding
gzip
age
3079
x-guploader-uploadid
ABg5-UyBTQIAUR9eDgziddVEuZsMrlGCQeAsUah_Xp50JL-efOECrTKZIUOm4n5PA1ZvwM-w0v3M-vPWGFZvz1GYCDtrXoRC6A
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
12292
x-goog-meta-
last-modified
Wed, 02 Sep 2020 08:23:20 GMT
server
UploadServer
etag
"21b813c54ce1cad3bc51afe640a4a76c"
vary
Accept-Encoding
x-goog-hash
crc32c=s8QsYA==, md5=IbgTxUzhytO8Ua/mQKSnbA==
x-goog-generation
1599035000575391
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
12292
accept-ranges
bytes
content-type
text/css
expires
Wed, 23 Dec 2020 13:34:01 GMT
/
app.adoric-om.com/v1/campaigns/
4 KB
2 KB
XHR
General
Full URL
https://app.adoric-om.com/v1/campaigns/?u=ffae07bbfffe00e0a553f89120598c67&l=en&cc=0&b=notIdentified&os=mac&h=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559&d=desktop&lsps=0&pd=A&nv=true&tz=-60&cIds=%5B%5D
Requested by
Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1863ab05854a03a7fcc474b3990b00113e38e965ae62eb147c274183b398054
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-ray
606268719a7f176a-FRA
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"e80-KoFT0O42HexwipKC8veGucHz5Vg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b8%2BonwuKN%2BG0JaZbFNk6g1NmQ158eF2Vly4sl9dW53Tgq%2BvjJa4tDZRY5nqMGTehy%2FQjkZ0lVMKs%2BbQjDwkiCRuf5JgHQ8m1VpixlFTabgDfmTozHNEU%2BNkylH1XWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-credentials
*
cf-request-id
07315f9b020000176ab8bb5000000001
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
event
sslwidget.criteo.com/
1 KB
1 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=27655&v=5.6.2&p0=e%3Dce%26m%3D%255Bhttps%25253A%25252F%25252Fcasino.hopa.com%25252Fgonzo%25252F%25253Fafi%25253D28645%252526ar%25253D1101%252526mmi%25253D58642%252526par%25253D%252526gclid%25253D102625792ae6112b0ae1d244e53559%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fcormail.duckdns.org&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=hopa.com&dtycbr=37201
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8289d6128fdf7efb2907ca86935b29d65532572e22c20a46682d0db6f89a946c

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Dec 2020 13:25:19 GMT
content-encoding
gzip
content-type
application/x-javascript
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
server-processing-duration-in-ticks
10195
timing-allow-origin
*
content-length
864
expires
0
syncframe
gum.criteo.com/ Frame 06B9
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=casino.hopa.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=casino.hopa.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
490
date
Wed, 23 Dec 2020 13:25:19 GMT
content-length
0
collect
stats.g.doubleclick.net/j/
1 B
84 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-85369190-1&cid=830615656.1608729920&jid=774819234&gjid=1901017439&_gid=65569357.1608729920&_u=YEBAAAAAAAAAgC~&z=945230286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 23 Dec 2020 13:25:20 GMT
content-type
text/plain
access-control-allow-origin
https://casino.hopa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/data/
42 B
588 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BMDkUQSOYryUdycbDCauYYHPWchIDrvU-FE7fPshldVrrKD8Z0HLLEEzAPg==-E0zBNMtiaFXjMQ==&pm_ct=f9692cc9abec84918609562d&pm_pl=1608729920316&pm_td=12&pid=1000211&en=1.1&callback=__pm_glbl_vcVDnPvw0ILCg2EGc5Znxjfz._gc1&tt=g&v=da592e5
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
d08c2711e8f66ecb2d9ce8382920569d7fcd7fcd2e91788bc3036ccbe9e101a1

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 23 Dec 2020 13:25:20 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://casino.hopa.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
42
truncated
/ Frame 0600
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
/
app.adoric-om.com/v1/versions/html/
5 KB
2 KB
XHR
General
Full URL
https://app.adoric-om.com/v1/versions/html/?ids=5ea2f360a23d130010437d07&pIds=
Requested by
Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df67fa5532b619a95225fc13b8e9b8e3b93ccc90223f16bfa317f8d1e8d7b4cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-ray
606268730caf176a-FRA
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"12fd-BK+WUxl5XmlrLYK6Gni3+vTqArw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nuKHo8iFE4%2BvZjDGmoLwS2jpaR3uObUTEiWmrlO%2FQKHmNYb7oHJ4mW0FifYMOH8gAoA%2F1oduL3PvxENVsD5%2FhxaqsJyTSgbWPRf7ScwlGWFc8SbQx9RPNw2hXx91%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-credentials
*
cf-request-id
07315f9be10000176aa2194000000001
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
aefb3d44-ae55-4065-90ad-98385459cca4
https://casino.hopa.com/
720 B
0
Other
General
Full URL
blob:https://casino.hopa.com/aefb3d44-ae55-4065-90ad-98385459cca4
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/
1 B
271 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BMDkUQSOYryUdycbDCauYYHPWchIDrvU-FE7fPshldVrrKD8Z0HLLEEzAPg==-E0zBNMtiaFXjMQ==&pm_ct=f9692cc9abec84918609562d&pm_pl=1608729920316&pm_td=190&pid=1000211&en=1.1&callback=__pm_glbl_vcVDnPvw0ILCg2EGc5Znxjfz._gc2&tt=g&v=da592e5
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://casino.hopa.com
Date
Wed, 23 Dec 2020 13:25:20 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
122565654915235
connect.facebook.net/signals/config/
239 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/122565654915235?v=2.9.31&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9559a1e91ce3da2fbf10cc2d084cc39e98c5c8538c77aefd2352da339728946
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70370
x-fb-rlafr
0
pragma
public
x-fb-debug
fNUvjD8Gj4RIjE9mJkBk9Vt25WYFIOrNpJCOQ3TYiSVgMsNP/YilAfnQB6d7tGfCcUcEu3sy5t5AA6cD/5hYig==
x-fb-trip-id
436667874
x-frame-options
DENY
date
Wed, 23 Dec 2020 13:25:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
2072830582
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
376 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1680136742252975&ev=PageView&dl=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559&rl=http%3A%2F%2Fcormail.duckdns.org%2Frd%2Fc578aXmyG22634XZyo750999fhb153bxBE147&if=false&ts=1608729920532&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1608729920531.1829622352&it=1608729920229&coo=false&rqm=GET
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 23 Dec 2020 13:25:20 GMT
nr-1184.min.js
js-agent.newrelic.com/ Frame 8219
27 KB
11 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: info.hopa.com
URL: https://info.hopa.com/visit.aspx?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559&gameverticalid=246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://info.hopa.com/visit.aspx?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559&gameverticalid=246
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
content-encoding
gzip
x-amz-request-id
A21809B1C987C063
x-cache
HIT
content-length
10624
x-amz-id-2
5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by
cache-hhn4034-HHN
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1608729921.603891,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
25637
/
www.facebook.com/tr/
44 B
100 B
Image
General
Full URL
https://www.facebook.com/tr/?id=122565654915235&ev=PageView&dl=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559&rl=http%3A%2F%2Fcormail.duckdns.org%2Frd%2Fc578aXmyG22634XZyo750999fhb153bxBE147&if=false&ts=1608729920559&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1608729920531.1829622352&it=1608729920229&coo=false&rqm=GET
Requested by
Host: casino.hopa.com
URL: https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 23 Dec 2020 13:25:20 GMT
two
ec.instapagemetrics.com/t/ Frame
0
0
Other
General
Full URL
https://ec.instapagemetrics.com/t/two
Protocol
H2
Server
35.222.120.150 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
150.120.222.35.bc.googleusercontent.com
Software
akka-http/10.1.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://casino.hopa.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://casino.hopa.com
access-control-max-age
5
date
Wed, 23 Dec 2020 13:25:20 GMT
referrer-policy
same-origin
server
akka-http/10.1.10
strict-transport-security
max-age=315360000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-length
0
two
ec.instapagemetrics.com/t/
2 B
436 B
XHR
General
Full URL
https://ec.instapagemetrics.com/t/two
Requested by
Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/it.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.222.120.150 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
150.120.222.35.bc.googleusercontent.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 23 Dec 2020 13:25:21 GMT
referrer-policy
same-origin
server
akka-http/10.1.10
x-frame-options
SAMEORIGIN
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://casino.hopa.com
access-control-allow-credentials
true
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
content-length
2
x-xss-protection
1; mode=block
cors
data.ad-score.com/data/
1 B
271 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BMDkUQSOYryUdycbDCauYYHPWchIDrvU-FE7fPshldVrrKD8Z0HLLEEzAPg==-E0zBNMtiaFXjMQ==&pm_ct=f9692cc9abec84918609562d&pm_pl=1608729920316&pm_td=269&pid=1000211&en=1.1&callback=__pm_glbl_vcVDnPvw0ILCg2EGc5Znxjfz._gc3&tt=g&v=da592e5
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://casino.hopa.com
Date
Wed, 23 Dec 2020 13:25:20 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1889015429&t=adtiming&_s=2&dl=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559&dr=http%3A%2F%2Fcormail.duckdns.org%2Frd%2Fc578aXmyG22634XZyo750999fhb153bxBE147&ul=en-us&de=UTF-8&dt=Gonzo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1361&pdt=1&dns=11&rrt=431&srt=45&tcp=41&dit=685&clt=685&_gst=735&_gbt=1000&_cst=633&_cbt=722&_u=aHDAAEABAAAAgC~&jid=&gjid=&cid=830615656.1608729920&tid=UA-85369190-1&_gid=65569357.1608729920&gtm=2wgbu0KD944MM&cd1=28645&cd2=1101&cd3=&cd4=102625792ae6112b0ae1d244e53559&cd5=58642&z=1455301754
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Dec 2020 05:50:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27292
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
4 KB
711 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:400
Requested by
Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 13:25:20 GMT
server
ESF
date
Wed, 23 Dec 2020 13:25:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Dec 2020 13:25:20 GMT
branding.svg
gcpstatic.adoric.com/
2 KB
2 KB
Image
General
Full URL
https://gcpstatic.adoric.com/branding.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.123.171 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.123.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd338ef682c3e480c17d819e567591b70db334e21f17b4b5065105259eb1fb0e

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 12:53:27 GMT
age
1913
x-guploader-uploadid
ABg5-Ux63gtKDbHVEHqQW3nurnKXT2TyGJV4roG1j74YhuVDOh1Gt-2Ff_EMyR6SfswP885bSX_EErAlfwoEBMG8mCWDEgKBcA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
1650
last-modified
Fri, 05 Jun 2020 11:01:19 GMT
server
UploadServer
etag
"1b81ba01eef0262461f5111a5966962a"
x-goog-hash
crc32c=ksCrvg==, md5=G4G6Ae7wJiRh9REaWWaWKg==
x-goog-generation
1591354879360590
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1650
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 23 Dec 2020 13:53:27 GMT
css
fonts.googleapis.com/
4 KB
642 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:400
Requested by
Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 13:25:20 GMT
server
ESF
date
Wed, 23 Dec 2020 13:25:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Dec 2020 13:25:20 GMT
showed
app.adoric-om.com/v1/statistics/
48 B
411 B
XHR
General
Full URL
https://app.adoric-om.com/v1/statistics/showed?lightboxId=5ea2f360a23d130010437d07&campaignId=5ea2f360a23d130010437d20&domainId=5ea2f30eb6bf4c00172ab957&planId=5b7ae536974042b600497845&planType=freeMonthly&userId=5b7ae536974042b600497844&newPeople=true&control=&clientId=kj1g9asrk9a5s3qxvq&robotStatisticId=null&robotId=null&steps=
Requested by
Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1068e5dfbfde880b2a1679c12c7521e2349b128e2760764b26479ccdf29747
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-ray
60626873dde2176a-FRA
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"30-ABRQB7FtcJCr1VCSKeKX4+sTz5s"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yvoDkzPXa1fWHpbwhIdWO32fjoeqlkVo4pePjKCKKONdzRxPKctWOAY3kygusUGBc%2Bfl6kGcrH%2FRBsm1HygMwcRcsBrlxDIbEa8Ep5YriTQ37l7aHj0h0mU1lvZfsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-credentials
*
cf-request-id
07315f9c690000176a4c10d000000001
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
4f0d48170f
bam.nr-data.net/1/ Frame 8219
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/4f0d48170f?a=1138676472,1152943401&v=1184.ab39b52&to=NFMEMURQDRcCUUYPCg0ZJzZmHhUNEFtGSAQQRh4%3D&rst=726&ck=1&ref=https://info.hopa.com/visit.aspx&ap=74&be=638&fe=640&dc=640&perf=%7B%22timing%22:%7B%22of%22:1608729919911,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:9,%22c%22:9,%22s%22:25,%22ce%22:316,%22rq%22:316,%22rp%22:463,%22rpe%22:464,%22dl%22:567,%22di%22:640,%22ds%22:640,%22de%22:640,%22dc%22:640,%22l%22:640,%22le%22:641%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
e02cdaa490caecb3bb5303b6e28acdb8a08d4f866ec1eb932a2d2c81bc95ebe9

Request headers

Referer
https://info.hopa.com/visit.aspx?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559&gameverticalid=246
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://casino.hopa.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 11:36:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
438508
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 18 Dec 2021 11:36:52 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://casino.hopa.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 16:31:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
420855
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 18 Dec 2021 16:31:05 GMT
cors
data.ad-score.com/data/
1 B
271 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BMDkUQSOYryUdycbDCauYYHPWchIDrvU-FE7fPshldVrrKD8Z0HLLEEzAPg==-E0zBNMtiaFXjMQ==&pm_ct=f9692cc9abec84918609562d&pm_pl=1608729920316&pm_td=356&pid=1000211&en=1.1&callback=__pm_glbl_vcVDnPvw0ILCg2EGc5Znxjfz._gc4&tt=g&v=da592e5
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://casino.hopa.com
Date
Wed, 23 Dec 2020 13:25:20 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
img.gif
my.rtmark.net/
43 B
707 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330&ttl=&rurl=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.25 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 23 Dec 2020 13:25:20 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
43
/
www.facebook.com/tr/
44 B
146 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1680136742252975&ev=Microdata&dl=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559&rl=http%3A%2F%2Fcormail.duckdns.org%2Frd%2Fc578aXmyG22634XZyo750999fhb153bxBE147&if=false&ts=1608729921036&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gonzo%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Asite_name%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcasino.hopa.com%2Fgonzo%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.31&r=stable&ec=1&o=30&fbp=fb.1.1608729920531.1829622352&it=1608729920229&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 23 Dec 2020 13:25:21 GMT
/
www.facebook.com/tr/
44 B
100 B
Image
General
Full URL
https://www.facebook.com/tr/?id=122565654915235&ev=Microdata&dl=https%3A%2F%2Fcasino.hopa.com%2Fgonzo%2F%3Fafi%3D28645%26ar%3D1101%26mmi%3D58642%26par%3D%26gclid%3D102625792ae6112b0ae1d244e53559&rl=http%3A%2F%2Fcormail.duckdns.org%2Frd%2Fc578aXmyG22634XZyo750999fhb153bxBE147&if=false&ts=1608729921061&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gonzo%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Asite_name%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcasino.hopa.com%2Fgonzo%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.31&r=stable&ec=1&o=30&fbp=fb.1.1608729920531.1829622352&it=1608729920229&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 13:25:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 23 Dec 2020 13:25:21 GMT
cors
data.ad-score.com/data/
1 B
271 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BMDkUQSOYryUdycbDCauYYHPWchIDrvU-FE7fPshldVrrKD8Z0HLLEEzAPg==-E0zBNMtiaFXjMQ==&pm_ct=f9692cc9abec84918609562d&pm_pl=1608729920316&pm_td=1155&pid=1000211&en=1.1&callback=__pm_glbl_vcVDnPvw0ILCg2EGc5Znxjfz._gc5&tt=g&v=da592e5
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://casino.hopa.com
Date
Wed, 23 Dec 2020 13:25:21 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
271 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=BMDkUQSOYryUdycbDCauYYHPWchIDrvU-FE7fPshldVrrKD8Z0HLLEEzAPg==-E0zBNMtiaFXjMQ==&pm_ct=f9692cc9abec84918609562d&pm_pl=1608729920316&pm_td=2155&pid=1000211&en=1.1&callback=__pm_glbl_vcVDnPvw0ILCg2EGc5Znxjfz._gc6&tt=g&v=da592e5
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://casino.hopa.com
Date
Wed, 23 Dec 2020 13:25:22 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
raw-data
heatmap-events-collector.instapage.com/api/
33 B
644 B
Fetch
General
Full URL
https://heatmap-events-collector.instapage.com/api/raw-data
Requested by
Host: heatmap-events-collector.instapage.com
URL: https://heatmap-events-collector.instapage.com/static/lib.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.222.120.150 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
150.120.222.35.bc.googleusercontent.com
Software
/
Resource Hash
aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casino.hopa.com/gonzo/?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Accept-Encoding, Origin, Accept-Encoding
content-length
33
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
date
Wed, 23 Dec 2020 13:25:28 GMT
expect-ct
max-age=0
strict-transport-security
max-age=315360000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://casino.hopa.com
access-control-allow-credentials
true
etag
W/"21-OGHiFV/OrNujBxibS2uM6bqKAHs"
4f0d48170f
bam.nr-data.net/events/1/ Frame 8219
24 B
180 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/4f0d48170f?a=1138676472,1152943401&v=1184.ab39b52&to=NFMEMURQDRcCUUYPCg0ZJzZmHhUNEFtGSAQQRh4%3D&rst=10947&ck=1&ref=https://info.hopa.com/visit.aspx
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://info.hopa.com/visit.aspx?afi=28645&ar=1101&mmi=58642&par=&gclid=102625792ae6112b0ae1d244e53559&gameverticalid=246
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://info.hopa.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif


84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __variantsData number| __page_id number| __customer_id number| __default_experience_id number| __version string| __variant number| __variant_id string| __variant_custom_name boolean| __preview number| __page_type string| __variant_hash string| __page_domain boolean| __page_generator object| _Translate object| trackingData object| GlobalSnowplowNamespace function| instapageSp function| _instapageSnowplow function| $ function| ijQuery function| jQuery object| dataLayer object| webpackJsonp object| __eventBus object| __config number| __workspaceWidth object| __session boolean| __cradleReady object| __featuresReady object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| criteo_q function| fbq function| _fbq object| adoric object| gaplugins object| gaGlobal object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _typeof function| _classCallCheck function| _defineProperties function| _createClass object| __adoric__ boolean| IS_ADORIC_LOADED object| Snowplow object| __pm_glbl object| __pm_glbl_vcVDnPvw0ILCg2EGc5Znxjfz object| __pm_ads_list string| AdScoreObject function| adScore object| unknown object| _htmp object| _snowplowTrackerWrapper number| _lbCounter

25 Cookies

Domain/Path Name / Value
.criteo.com/ Name: uid
Value: b57a3459-062b-4ca4-9e5c-c5dc0ef0348f
.info.hopa.com/ Name: CountryCode
Value: NL
.info.hopa.com/ Name: LanguageCode
Value: ENG
.hopa.com/ Name: _fbp
Value: fb.1.1608729920531.1829622352
.info.hopa.com/ Name: RegistrationMode
Value: M
.hopa.com/ Name: UniqueVisitorID
Value: 5CBB4F010179D7827BACCCA8EF32DA4D
.hopa.com/ Name: gclid
Value: 102625792ae6112b0ae1d244e53559
.hopa.com/ Name: AlternateReference
Value: 1101
.hopa.com/ Name: GameVerticalID
Value: 246
.hopa.com/ Name: MarketingMaterialID
Value: 58642
.hopa.com/ Name: AffiliateID
Value: 28645
.info.hopa.com/ Name: BO
Value:
casino.hopa.com/ Name: lastvisit
Value: 2020-12-23
.hopa.com/ Name: _gac_UA-85369190-1
Value: 1.1608729920.102625792ae6112b0ae1d244e53559
.casino.hopa.com/ Name: _gac_UA-85369190-1
Value: 1.1608729920.102625792ae6112b0ae1d244e53559
.hopa.com/ Name: _gid
Value: GA1.2.65569357.1608729920
.casino.hopa.com/ Name: _gid
Value: GA1.3.65569357.1608729920
.casino.hopa.com/ Name: _ga
Value: GA1.3.830615656.1608729920
.info.hopa.com/ Name: CSI_4
Value: EncryptedUniqueVisitorID=5CBB4F010179D7827BACCCA8EF32DA4D&AffiliateID=28645&MarketingMaterialID=58642&LastUpdate=2020-12-23&AlternateReference=1101&PlayerAlternateReference=&gclid=102625792ae6112b0ae1d244e53559&LandingPageReference=&GameVerticalID=246
.hopa.com/ Name: _ga
Value: GA1.2.830615656.1608729920
info.hopa.com/ Name: ASP.NET_SessionId
Value: y3soiwsbakvxwpzptznfiwgx
.hopa.com/ Name: PlayerAlternateReference
Value:
.info.hopa.com/ Name: CSITemp
Value: 4
.casino.hopa.com/ Name: _gat_UA-85369190-1
Value: 1
casino.hopa.com/ Name: visits
Value: 1

2 Console Messages

Source Level URL
Text
console-api log URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 182)
Message:
[object Text]
console-api debug URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 165)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e79cc8e19c50e82551c15d5bed757fa9e8d4002793ce9b5bf501de57551af1bc
e7e0925329aa5c36b7fdb41d1244e98753d2289779e8ac4ed7ecee552f9bcd50
ecc4a240d640aa546ed577b0a97d9bb8090fc8d681bdd913c2e396a1005e7e7f
eeca3b6c9a50c2313fa01184856857911dce5be863c0e990b1c047b5f9b59084
f99cdcccb416b99f0826760b0f50e722bbba82d5290f97b6ffb4605249d9580f
fa3c5940af7bceee6a0ce9bc97d7ca6a2e84e95ce92e4b029bc6edec8d365514